Adding A Proxy Service For Http - Watchguard Firebox X1000 User Manual

Chapter 9: Configuring Proxied Services
a variety of custom options including specialized
logging features, definition of safe content types, and
WebBlocker.
• HTTP is a proxy service that functions very much like
Proxied-HTTP, except that it controls both incoming
and outgoing access only on port 80.
The WatchGuard service called "HTTP" is not to be
confused with an HTTP caching proxy. An HTTP caching
proxy refers to a separate machine that performs caching of
Web data.
Filtered-HTTP is a multiservice that combines
•
configuration options for HTTP on port 80 with a rule
allowing (by default) all outgoing TCP connections. As
a filtered service, Filtered-HTTP is considerably faster
than Proxied-HTTP or HTTP, but does not provide
protection that is as thorough or as effective. In
addition, none of the custom options, including
WebBlocker, are available for Filtered-HTTP.

Adding a proxy service for HTTP

Most network administrators use the HTTP proxy service
when configuring Web traffic. Many administrators com-
bine their HTTP service with an outgoing proxy service
configured Any to Any to keep the HTTP service both easy
to understand and control. In the following procedure, you
define the content allowed to pass through the firewall.
1 In Policy Manager, click the Add Service icon. Expand
the Proxies folder, double-click HTTP, and then click
OK.
The HTTP Properties dialog box appears. The default stance is to
deny incoming traffic and to allow outgoing traffic from Any to
Any.
2
Use the Incoming HTTP connections are drop-down
list to select Enabled and Allowed.
3
Configure the service as you want. For example, to
configure the HTTP proxy to allow incoming traffic
152
N
OTE
WatchGuard Firebox System