Optimizing Webvpn Performance - Cisco FirePOWER ASA 5500 series Configuration Manual
Security appliance command line
Hide thumbs
Also See for FirePOWER ASA 5500 series:
- Datasheet (20 pages) ,
- Configuration manual (1140 pages)
Table of Contents
Advertisement
Chapter 37
Configuring WebVPN
Optimizing WebVPN Performance
The security appliance provides several ways to optimize WebVPN performance and functionality.
Performance improvements include caching and compressing web objects. Functionality tuning includes
setting limits on content transformation and proxy-bypass. APCF provides an additional method of
tuning content transformation. The following sections explain these features:
•
•
Configuring Caching
Caching enhances WebVPN performance. It stores frequently reused objects in the system cache, which
reduces the need to perform repeated rewriting and compressing of content. It reduces traffic between
WebVPN and the remote servers, with the result that many applications run much more efficiently.
By default, caching is enabled. You can customize the way caching works for your environment by using
the caching commands in cache mode, which you enter from webvpn mode, as in the following example.
hostname(config)#
hostname(config)# webvpn
hostname(config-webvpn)# cache
hostname(config-webvpn-cache)#
A list of caching commands and their functions follows:
Cache Command
cache-compressed
disable
expiry-time
lmfactor
max-object-size
min-object-size
Configuring Content Transformation
By default, the security appliance processes all WebVPN traffic through a content
transformation/rewriting engine that includes advanced elements such as JavaScript and Java to proxy
HTTP traffic that may have different semantics and access control rules depending on whether the user
is accessing an application within or independently of an SSL VPN device.
Some web resources require highly individualized treatment. The following sections describe
functionality that provides such treatment:
•
•
•
•
OL-10088-01
Configuring Caching
Configuring Content Transformation
Configuring a Certificate for Signing Rewritten Java Content
Disabling Content Rewrite
Using Proxy Bypass
Configuring Application Profile Customization Framework
Function
Caches compressed content.
Disables caching.
Configures an expiration time for caching objects.
Configures terms for revalidating cached objects.
Sets a maximum size for objects to cache.
Sets a minimum size for objects to cache.
Cisco Security Appliance Command Line Configuration Guide
Optimizing WebVPN Performance
37-27
Advertisement
Table of Contents
Troubleshooting
