Transparent Http/Ftp Proxy Configuration - ESET GATEWAY SECURITY Installation Manual
Hide thumbs
Also See for GATEWAY SECURITY:
- Installation manual (38 pages) ,
- Datasheet (2 pages) ,
- Installation manual (20 pages)
Table of Contents
Advertisement
The ESET Gateway Security protects organization's HTTP and FTP services against viruses,
worms, trojans, spyware, phishing and other internet threats on the level of Internet Gateway
Servers. Note that under the term Gateway Servers we understand layer-3 Gateways of ISO/OSI
model, i.e. routers. In this chapter we review the process of the product integration with the
services introduced.
5.1. Transparent HTTP/FTP proxy configuration
Configuration for transparent proxying is based on standard routing mechanism shown in
the following figure.
Figure 5-1. Scheme of ESET Gateway Security as a transparent proxy.
The configuration is created naturally as kernel IP routing tables are defined on each local
network client. These routing tables are used to set-up static routes to the default network
gateway server (router). Note that it is done automatically in case of the DHCP network. Using
this mechanism all the HTTP (resp. FTP) communication with the outbound servers is routed
via network gateway server where ESET Gateway Security must be installed in order to scan the
communication for infiltrations. For this purpose, a generic ESETS HTTP (resp. FTP) filter - esets_
http (resp. esets_ftp) has been developed.
In order to configure ESET Gateway Security for scanning of HTTP (resp. FTP) messages routed
through the network gateway server, enter the command:
esets_setup
Follow instructions provided by the script. Once 'Available installations/un-installations' offer
appears, choose 'HTTP' (resp. FTP) option that will provide you with the appropriate module
'install/uninstall' options. Choose the one called 'install' . This will automatically set-up the module
to listen to predefined port and redirect IP packets originating from the selected network and
with HTTP (resp. FTP) destination port to the port where esets_http (resp. esets_ftp) listens. This
means that only requests originally sent to HTTP (resp. FTP) destination port will by scanned. If
other ports are under interest, an equivalent redirection rules have to be assigned.
Note that the installer in default mode shows all steps it is going to perform and provide also
the backup of the configuration that may be restored later at any time. The detailed installer utility
steps for all possible scenarios are described also in the appendix A of this documentation.
16
INTERNET
Eset Gateway Security
Router
User Agent
User Agent
Client
Client
Local Network
User Agent
Client
ESET Gateway Security
Advertisement
Table of Contents
Need help?
Do you have a question about the GATEWAY SECURITY and is the answer not in the manual?
Questions and answers