Difference between revisions of "GWVICAP"
| Line 7: | Line 7: | ||
== Level 2 == | == Level 2 == | ||
| − | The Web Interface can be integrated with an ICAP enabled device. ICAP is a standard protocol that is built into some Firewall devices. When these devices are configured properly, they can talk to GWAVA and have the content scanned by GWAVA. | + | The Web Interface can be integrated with an ICAP enabled device. |
| + | |||
| + | ICAP is a standard protocol that is built into some Firewall devices. | ||
| + | |||
| + | When these devices are configured properly, they can talk to GWAVA and have the content scanned by GWAVA. | ||
| − | Web Proxies such as Squid have many configuration options. It can integrate with LDAP servers to require authentication or limit the connections to only certain IP addresses. All of these configuration options can be found at http://www.squid-cache.org/ | + | Web Proxies such as Squid have many configuration options. |
| + | |||
| + | It can integrate with LDAP servers to require authentication or limit the connections to only certain IP addresses. | ||
| + | |||
| + | All of these configuration options can be found at http://www.squid-cache.org/ | ||
== Hands On == | == Hands On == | ||
| − | Configuring Squid | + | ==== Configuring Squid ==== |
Once squid is configured, you need to edit the squid configuration file so that it knows to send web requests to GWAVA to be scanned. These are the core settings that need to be added to Squid: | Once squid is configured, you need to edit the squid configuration file so that it knows to send web requests to GWAVA to be scanned. These are the core settings that need to be added to Squid: | ||
| Line 30: | Line 38: | ||
You need to set the ICAP to be enabled. Then you need to send the requests and responses to GWAVA to be scanned. GWAVA will then send a the request back to Squid or a new page that will be displayed in the browser. Once squid has been restarted, It will send requests to GWAVA to be scanned. In order to test this, set up your browser to use the Squid server as your proxy server. | You need to set the ICAP to be enabled. Then you need to send the requests and responses to GWAVA to be scanned. GWAVA will then send a the request back to Squid or a new page that will be displayed in the browser. Once squid has been restarted, It will send requests to GWAVA to be scanned. In order to test this, set up your browser to use the Squid server as your proxy server. | ||
| − | Create filter in GWAVA | + | ==== Create filter in GWAVA ==== |
1) Open the GWAVA Management Console | 1) Open the GWAVA Management Console | ||
2) Open the Scanner/Policy Management Menu | 2) Open the Scanner/Policy Management Menu | ||
| Line 43: | Line 51: | ||
9) Wait 1 minute for the configuration to refresh | 9) Wait 1 minute for the configuration to refresh | ||
| − | + | ==== Testing ==== | |
In the browser that is configured to talk to the proxy, try and browse to http://www.gwava.com | In the browser that is configured to talk to the proxy, try and browse to http://www.gwava.com | ||
| + | |||
| + | The browser should respond that the web page was blocked. | ||
| + | |||
Now that you know all there is to know about the GWAVA Modules, lets take a look at how the GWAVA Server is configured. This is done through the [http://training.gwava.com/index.php5/Server_Management Server Management]. | Now that you know all there is to know about the GWAVA Modules, lets take a look at how the GWAVA Server is configured. This is done through the [http://training.gwava.com/index.php5/Server_Management Server Management]. | ||
Revision as of 21:56, 29 July 2013
The Web Interface allows GWAVA to filter web traffic. The Web Interface can search all web traffic to block URLs, key words in web page text with body filtering, or it may be used to limit traffic through web user authentication. The Web interface works in conjunction with an existing ICAP enabled proxy, such as Squid.
Contents |
Level 1
The Web Interface allows for internet traffic to be scanned on a local network. This is done by using a proxy server that is ICAP enabled. The ICAP feature is what is used to talk to GWAVA and scan the content of the web pages. After installing the web interface, it is configured just as any of the other interfaces are configured.
Level 2
The Web Interface can be integrated with an ICAP enabled device.
ICAP is a standard protocol that is built into some Firewall devices.
When these devices are configured properly, they can talk to GWAVA and have the content scanned by GWAVA.
Web Proxies such as Squid have many configuration options.
It can integrate with LDAP servers to require authentication or limit the connections to only certain IP addresses.
All of these configuration options can be found at http://www.squid-cache.org/
Hands On
Configuring Squid
Once squid is configured, you need to edit the squid configuration file so that it knows to send web requests to GWAVA to be scanned. These are the core settings that need to be added to Squid: #icap_log /var/log/squid/icap.log icap_enable on #icap_send_client_username on #icap_client_username_encode off #icap_client_username_header X-Authenticated-User icap_service service_req reqmod_precache bypass=0 icap://<IP_of_GWAVA>:1344/request adaptation_access service_req allow all icap_service service_resp respmod_precache bypass=0 icap://<IP_of_GWAVA>:1344/response adaptation_access service_resp allow all
You need to set the ICAP to be enabled. Then you need to send the requests and responses to GWAVA to be scanned. GWAVA will then send a the request back to Squid or a new page that will be displayed in the browser. Once squid has been restarted, It will send requests to GWAVA to be scanned. In order to test this, set up your browser to use the Squid server as your proxy server.
Create filter in GWAVA
1) Open the GWAVA Management Console
2) Open the Scanner/Policy Management Menu
3) Expand down the Policy that was created for the Web Scanner
4) Expand open the Scanning Configuration menu
5) Select the URL filter
6) Click the new filter button and enter the filter:
http://www.gwava.com*
The * is important so dont leave it off.
7) Make sure the Block option is set
8) Click Save Changes
9) Wait 1 minute for the configuration to refresh
Testing
In the browser that is configured to talk to the proxy, try and browse to http://www.gwava.com The browser should respond that the web page was blocked.
Now that you know all there is to know about the GWAVA Modules, lets take a look at how the GWAVA Server is configured. This is done through the Server Management.
