McAfee MAP-3300-SWG Product Guide - Page 173
Enable data trickling, Data trickling, during data receipt, Denied Verbs, Permitted, Verbs, Denied
UPC - 731944547008
View all McAfee MAP-3300-SWG manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 173 highlights
Overview of Web features Web Configuration Data trickling (response modification only) Table 160 Option definitions Option Enable data trickling Data trickling Definition Enables the downloading of large files to the client before the whole file has been received from the server. Caution: Data trickling can leave your network vulnerable to viruses and other potentially harmful software because the file is not fully scanned. For this reason, we do not recommend data trickling. Default values are: Delay before data trickling starts - 15 seconds Trickle data every - 10 seconds Amount of data to trickle each time - 1024 bytes Maximum amount of data to trickle - 10% Enable data trickling during data receipt When selected, enables data trickling during data receipt. This is an advanced feature for NetCache clients only, Permissions (request modification only) Table 161 Option definitions Option Denied Verbs Permitted Verbs Denied Schemes Definition Displays the HTTP verbs that cannot be used in the communication between the ICAP client and the appliance when the ICAP client uses the REQMOD option. When you add any HTTP verbs to this list, by implication, you permit the use of all other verbs that are not in that list. Displays the HTTP verbs that can be used in the communication between the ICAP client and the appliance when the ICAP client uses the REQMOD option. When you add any HTTP verbs to this list, by implication, you deny all other verbs that are not in that list. Displays the request schemes that cannot be used. URLs include text that defines which resource is being requested. After you add any schemes to this list, by implication, you permit the use of all other schemes that are not in the list. Permitted Schemes Displays the request schemes that can be used. URLs include text that defines which resource is being requested. After you add any schemes to this list, by implication, you deny the use of all other schemes that are not in this list. Permitted Ports Displays the HTTP port numbers that the appliance will use when forwarding traffic. For security reasons, the appliance forwards requests only to certain port numbers, which prevents hackers tunnelling different protocols over a HTTP connection. Use this option for HTTP traffic that is not sent over the SSL. The entry 1025- means port number 1025 or above. Permitted SSL Ports Displays the HTTP port numbers that the appliance will use when forwarding traffic over SSL (Secure Socket Layer). For security reasons, the appliance forwards requests only to certain port numbers, which prevents hackers tunnelling different protocols over a HTTP connection. The port numbers that can be used depend on the HTTP verb. Access using the CONNECT verb is most tightly restricted, because once this verb has been accepted, there is little restriction on the data that can be transferred. Web browsers configured to operate in proxy mode use the CONNECT verb when trying to initiate a HTTPS connection running over SSL. The entry 1025- means port number 1025 or above. Typical values are 443 (HTTPS) and 563 (SNEWS). McAfee Email and Web Security Appliances 5.6.0 Product Guide 173