McAfee MAP-3300-SWG Product Guide - Page 171
ICAP Authentication, Response modification service, Timeouts
UPC - 731944547008
View all McAfee MAP-3300-SWG manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 171 highlights
Overview of Web features Web Configuration Response modification service Table 155 Option definitions Option Service path Definition Default value is /RESPMOD. Timeouts Table 156 Option definitions Option Data timeout Definition Specifies how long the appliance waits to receive data from the ICAP client. Default value is 60 seconds. Check connection every Specifies how often the appliance checks that the ICAP client is still connected. Default value is 20 seconds. ICAP Authentication Use this page to specify details about the authentication servers, and ICAP header extensions that might be present in REQMOD and RESPMOD requests, such as X-Authenticated-User and X-Authenticated-Groups, to provide information about the source of the encapsulated HTTP message. Web | Web Configuration | ICAP | Authentication Using this information, the appliance can identify the user's name for its user-based policies and URL filtering reports, without the need to configure authentication services or authentication groups on the appliance. The appliance can extract the user name and group names from the ICAP header extensions. The appliance does not authenticate users. Authentication is done by another server (for example, a web-caching appliance). However, if the appliance can extract the user's identity, it can apply URL filtering and other policy settings based on that identity. Table 157 Option definitions Option Authenticated user header Definition Specifies a header that the ICAP server adds after it has authenticated the user to show who made the request. Default value is X-Authenticated-User. Authenticated user encoding Authenticated user pattern Specifies the user name. Typically this is in plain text or by default, base 64. Specifies a regular expression that enables the appliance to extract the user name from the text of the Authenticated user header. Default value is cn=([^\s,=]+).*)$ Authenticated group header Specifies a header that the ICAP server adds after it has authenticated the group to show who made the request. Default value is X-Authenticated-User-Group. Authenticated group encoding Authenticated group pattern Specifies the group name. Typically this is in plain text or by default, Base 64. Specifies a regular expression that enables the appliance to extract the group name from the text of the Authenticated groups header. Default value is ou=([^\s,=]+).*)$ McAfee Email and Web Security Appliances 5.6.0 Product Guide 171