Transparent Http/Ftp Proxy Configuration - ESET GATEWAY SECURITY Installation Manual
Hide thumbs
Also See for GATEWAY SECURITY:
- Installation manual (38 pages) ,
- Datasheet (2 pages) ,
- Installation manual (26 pages)
Table of Contents
Advertisement
ESET Gateway Security protects the organization's HTTP and FTP services against viruses,
worms, trojans, spyware, phishing and other internet threats. The term 'Gateway Server' refers
to layer 3, or 'router' level of the ISO/OSI model. In this chapter we review the process of ESET
Gateway Security integration with various services.
5.1. Transparent HTTP/FTP proxy configuration
The configuration for transparent proxying is based on a standard routing mechanism as
shown in Figure 5-1 below:
Figure 5-1. Scheme of ESET Gateway Security as a transparent proxy
The configuration is created naturally as kernel IP routing tables are defined on each local
network client. These routing tables are used to establish static routes to the default network
gateway server (router). On a DHCP network, this is done automatically. All HTTP (or FTP)
communication with outbound servers is then routed via network gateway server, where ESET
Gateway Security must be installed in order to scan the communication for infiltrations. For this
purpose, a generic ESETS HTTP (or FTP) filter has been developed, called esets_http (or esets_
ftp).
To configure ESET Gateway Security to scan HTTP (or FTP) messages routed through the
network gateway server, enter the command:
/usr/sbin/esets_setup
Follow the instructions provided by the script. When the 'Available installations/un-installations'
offer appears, choose the 'HTTP' (or FTP) option to display the 'install/uninstall' options, then
choose 'install' . This will automatically configure the module to listen on a predefined port. It
also redirects IP packets originating from the selected network and redirects the HTTP (or FTP)
traffic to the port where esets_http (or esets_ftp) listens. This means that only requests originally
sent to HTTP (or FTP) destination ports will be scanned. If you also wish to monitor other ports,
equivalent redirection rules must be assigned.
In default mode, the installer shows all steps which will be performed and also creates a
backup of the configuration, which can be restored at any time. The detailed installer utility steps
for all possible scenarios are also described in appendix A of this document.
16
INTERNET
Eset Gateway Security
Router
User Agent
User Agent
Client
Client
Local Network
User Agent
Client
ESET Gateway Security
Advertisement
Table of Contents
Need help?
Do you have a question about the GATEWAY SECURITY and is the answer not in the manual?
Questions and answers