Support

Table of Contents You are at the beginning of the document Go to the next page Go to the index

Table of Contents

Overview
Deployment options
Components
Processes
Administration tools
Proxy traffic analysis features
Online Help
Technical Support
Getting Started
Accessing Content Gateway Manager
Configuring Content Gateway for two-factor authentication
Entering your subscription key
Providing system information
Verifying that the proxy is processing Internet requests
Using the command-line interface
Starting and stopping Content Gateway on the Command Line
Web Proxy Caching
Ensuring cached object freshness
HTTP object freshness
Modifying the aging factor for freshness computations
Setting an absolute freshness limit
Specifying header requirements
Cache-Control headers
Revalidating HTTP objects
FTP object freshness
Scheduling updates to local cache content
Configuring the Scheduled Update option
Forcing an immediate update
Pinning content in the cache
Setting cache pinning rules
Enabling cache pinning
To cache or not to cache?
Caching HTTP objects
Client directives
Configuring the proxy to ignore client no-cache headers
Origin server directives
Configuring the proxy to ignore server no-cache headers
Configuring the proxy to ignore WWW-Authenticate headers
Configuration directives
Disabling HTTP object caching
Caching dynamic content
Caching cookied objects
Forcing object caching
Caching HTTP alternates
Caching FTP objects
Disabling FTP over HTTP caching
Explicit Proxy
Manual browser configuration
Using a PAC file
Sample PAC file
Using WPAD
Configuring FTP clients in an explicit proxy environment
Content Gateway Version 7.7.3 support for IPv6
Transparent Proxy and ARM
The ARM
Transparent interception strategies
Transparent interception with a Layer 4 switch
Transparent interception with WCCP v2 devices
ARM bypass and WCCP
WCCP load distribution
Configuring WCCP v2 routers
Configuring service groups on the WCCP device
Enabling WCCP processing for a service group
Disabling WCCP processing for a service group
Enabling WCCP v2 security on the router
Enabling WCCP v2 in Content Gateway
Enabling WCCP in Content Gateway Manager
Configuring service groups in Content Gateway Manager
Transparent interception and multicast mode
Transparent interception with policy-based routing
Transparent interception with software-based routing
Interception bypass
Dynamic bypass rules
Setting dynamic bypass rules
Viewing dynamic bypass statistics
Static bypass rules
Viewing the current set of bypass rules
Connection load shedding
Reducing DNS lookups
IP spoofing
Clusters
Changing clustering configuration
Adding nodes to a cluster
Deleting nodes from a cluster
Virtual IP failover
Enabling and disabling virtual IP addressing
Adding and editing virtual IP addresses
Hierarchical Caching
HTTP cache hierarchies
Parent failover
Configuring Content Gateway to use an HTTP parent cache
Configuring the Cache
Adding a cache disk after installation
Changing cache capacity
Querying cache size
Increasing cache capacity
Reducing cache capacity
Partitioning the cache
Creating cache partitions for specific protocols
Making changes to partition sizes and protocols
Partitioning the cache according to origin server or domain
Configuring cache object size limit
Clearing the cache
Changing the size of the RAM cache
DNS Proxy Caching
Configuring DNS proxy caching
Configuring the System
Content Gateway Manager
Command-line interface
Configuration files
Saving and restoring configurations
Taking configuration snapshots
Restoring configuration snapshots
Deleting configuration snapshots
Monitoring Traffic
Viewing statistics
Viewing statistics from the command line
Working with alarms
Using Performance graphs
Creating reports with SSL Manager
Certificate Authorities
Incidents
Working With Websense Data Security
Registering and configuring Data Security
Configuring the ICAP client
ICAP failover and load balancing
Working With Encrypted Data
Running in explicit proxy mode
Enabling SSL Manager
Tasks
Certificates
Internal Root CA
Importing your Root CA
Creating your new Root CA
Creating a subordinate CA
Backing up your internal Root CA
Managing certificates
Adding new certificate authorities
Backing up certificates
Restoring certificates
Decryption and Encryption
Configuring SSL Manager for inbound traffic
Configuring SSL Manager for outbound traffic
Validating certificates
Bypassing verification
Keeping revocation information up to date
Managing Web HTTPS site access
Viewing incidents
Changing the status of an incident
Deleting an incident
Changing the text of a message
Viewing incident details
Adding Web sites to the incident list
Client certificates
Importing client certificates
When a client certificate is always required: the hostlist
Deleting client certificates
Configuring SSL Manager logging
How long should SSL log files be kept?
How big can SSL log files grow?
What fields should appear in the SSL access log files?
Customizing SSL connection failure messages
Certificate validation failed
SSL connection failure
Security
Controlling client access to the proxy
Controlling access to Content Gateway Manager
Setting the administrator ID and password
Creating a list of user accounts
Controlling host access to Content Gateway Manager
Using SSL for secure administration
FIPS 140-2 Mode
Filtering Rules
Configuring SOCKS firewall integration
Configuring SOCKS servers
Setting SOCKS proxy options
Setting SOCKS server bypass
Using the Split DNS option
Proxy user authentication
Browser limitations
Transparent proxy authentication settings
Integrated Windows Authentication
Troubleshooting Integrated Windows Authentication
Legacy NTLM authentication
LDAP authentication
RADIUS authentication
Multiple realm authentication
Multiple realm authentication: Domains
Global authentication options
Creating an Integrated Windows Authentication realm rule
Creating a legacy NTLM authentication realm rule
Creating an LDAP authentication realm rule
Working with authentication realm rules
Multiple Realm Authentication use cases
Authentication based on User-Agent
Troubleshooting Multiple Realm Authentication
Mac and iPhone/iPad authentication
Working With Log Files
Event log files
Managing event log files
Event log file formats
Using standard formats
Custom format
Creating summary log files
Choosing binary or ASCII
Using logcat to convert binary logs to ASCII
Rolling event log files
Splitting event log files
Setting log splitting options
Editing the log_hosts.config file
Collating event log files
Configuring Content Gateway to be a collation server
Configuring Content Gateway to be a collation client
Using a stand-alone collator
Viewing logging statistics
Viewing log files
Example event log file entries
Squid format
Netscape examples
Statistics
My Proxy
Summary
Node
Graphs
Alarms
Protocols
HTTP
FTP
Security
Integrated Windows Authentication
LDAP
Legacy NTLM
SOCKS
Data Security
Subsystems
Cache
Clustering
Logging
Networking
System
ARM
ICAP
WCCP
DNS Proxy
DNS Resolver
Virtual IP
Performance
SSL
SSL Key Data
CRL Statistics
Reports
Commands and Variables
Websense Content Gateway variables
Statistics
Configuration Options
My Proxy
Basic
Subscription
UI Setup
Snapshots
Logs
Protocols
HTTP
HTTP Responses
HTTP Scheduled Update
HTTPS
FTP
Content Routing
Hierarchies
Mapping and Redirection
Browser Auto-Config
Security
Connection Control
FIPS Security
Data Security
Access Control
SOCKS
Subsystems
Cache
Logging
Networking
Connection Management
ARM
WCCP
DNS Proxy
DNS Resolver
ICAP
Virtual IP
Health Check URLs
SSL
Event Logging Formats
Logging format cross-reference
Configuration Files
auth.config
bypass.config
cache.config
filter.config
hosting.config
ip_allow.config
ipnat.conf
log_hosts.config
logs_xml.config
mgmt_allow.config
parent.config
partition.config
records.config
Configuration variables
System variables
Local manager
Process manager
Virtual IP manager
Alarm configuration
ARM
Load shedding configuration (ARM)
Authentication basic realm
LDAP
RADIUS authentication
NTLM
Integrated Windows Authentication
Transparent authentication
HTTP engine
Parent proxy configuration
HTTP connection timeouts (secs)
Origin server connection attempts
Negative response caching
Proxy users variables
Security
Cache control
Heuristic expiration
Dynamic content and content negotiation
Anonymous FTP password
Cached FTP document lifetime
FTP transfer mode
Customizable user response pages
FTP engine
SOCKS processor
Net subsystem
Cluster subsystem
Cache
DNS
DNS proxy
HostDB
Logging configuration
URL remap rules
Scheduled update configuration
SNMP configuration
Plug-in configuration
WCCP configuration
FIPS (Security Configuration)
SSL Decryption
ICAP
Data Security
Connectivity, analysis, and boundary conditions
remap.config
socks.config
socks_server.config
splitdns.config
storage.config
update.config
wccp.config
Error Messages
Alarm messages
HTML messages sent to clients
Standard HTTP response messages
FAQs and Troubleshooting Tips
Frequently Asked Questions (FAQs)
How do disk I/O errors affect the cache and what does Content Gateway do when a cache disk fails?
If a client disconnects during the time that Content Gateway is downloading a large object, is any of the object saved in the cache?
Can Content Gateway cache Java applets, JavaScript programs, or other application files like VBScript?
How do you access Content Gateway Manager if you forget the master administrator password?
How do you apply changes to the logs_xml.config file to all nodes in a cluster?
In Squid- and Netscape-format log files, what do the cache result codes mean?
What does the cqtx field record in a custom log file?
Does Content Gateway refresh entries in its host database after a certain period of time if they have not been used?
Can you improve the look of your custom response pages by using images, animated gifs, and Java applets?
How do you configure Content Gateway to serve only transparent requests?
Troubleshooting tips
The throughput statistic is inaccurate in Content Gateway Manager
You are unable to execute Content Gateway commands
You observe inconsistent behavior when one node obtains an object from another node in the cluster
Web browsers may display an error document with a data missing message
Content Gateway does not resolve any Web sites
Maximum document size exceeded message in the system log file
DrainIncomingChannel message in the system log file
No cop file message in the system log file
Warning in system log file when editing vaddrs.config (Linux)
Non transparent requests fail after enabling always_query_destination
Content Gateway is running but no log files are created
Content Gateway error indicates too many network connections
Low memory symptoms
Connection timeouts with the origin server
IBM Web servers do not work with Content Gateway
Content Gateway does not start (or stop)
Print print article Email email article Font Size: A A

Search

Article Rating:

Do you have any additional feedback?    Email: close

Related Articles

Quick Links

Service Requests

How are we doing?

Provide us feedback on your experience with the Service Request portal.

provide feedback >

Table of Contents You are at the beginning of the document Go to the next page Go to the index