McAfee MAP-3300-SWG Product Guide - Page 164
Basic HTTP settings, User Authentication, Table 142, Option Definitions
UPC - 731944547008
View all McAfee MAP-3300-SWG manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 164 highlights
Overview of Web features Web Configuration • Basic HTTP settings • User Authentication • Timeouts Basic HTTP settings Table 142 Option Definitions Option Enable the HTTP protocol HTTP ports Definition Normally, this option is selected. Specifies the ports that the appliance will scan for threats when in Explicit Proxy mode. Typical ports are 80 for listening, and port 443 for secure web access using HTTPS. Do not add secure ports such as 443 as listening ports. If an appliance is operating in a transparent mode, you can exclude some parts of the network from scanning traffic in a protocol, either all the time or for some periods during the day. The most secure option is to scan all traffic. Before turning off scanning of any traffic, consider the security risks. Click these icons and the port headings to reveal icons for managing the port information: Enable reverse DNS If this option is not set, web access is faster but: lookups • HTTPS URL filtering cannot work because the URLs are recorded by name, such as www.example.com, not as IP addresses. • The logs are less informative because they contain only IP addresses such as 192.168.200.254, not names such as www.example.com. User Authentication Use this section to enable user authentication for this policy. By default, authentication is disabled. To set up authentication services, select System | Users, Groups and Services | Web User Authentication on the navigation bar. Table 143 Option Definitions Option Authentication group Protocol preset Advanced settings Request Verbs Definition Select an authentication group from the list of all available authentication groups configured globally. The list is disabled if authentication is off. The selected authentication group defines which authentication service is used. Authentication can be configured to try more than one authentication service in a defined order. Allows you to make settings for any exception to the default setting. For example, you can require that some parts of the network use different devices for their authentication. You do not normally need to change the following settings. Request verbs are acted on to start the authentication redirect process. This is normally set to GET. 164 McAfee Email and Web Security Appliances 5.6.0 Product Guide