Video Screencast Help
Search Video Help Close Back
to help

Reverse proxy between clients and SEPM: possible?

Created: 18 Mar 2013 | 8 comments
diabolicus23's picture
diabolicus23 Partner Accredited
0 0 Votes
Login to vote

Is it possible to use a reverse proxy in order to give SEPM visibility to clients connected to public network?

I know we can use NAT or another SEPM in DMZ. I'd like to know if the protocol permits the use of a reverse proxy.

 

Thanks!

Discussion Filed Under:
, , ,

Comments 8 CommentsJump to latest comment

Rafeeq's picture
Rafeeq
Reverse proxy between clients and SEPM: possible? - Comment:18 Mar 2013 : Link

Not possible.

Please don't forget to mark your thread solved with whatever answer helped you : ) Rafeeq

0
Login to vote
AjinBabu's picture
AjinBabu
Reverse proxy between clients and SEPM: possible? - Comment:18 Mar 2013 : Link

Hi,

We have implemented the same on our environment, and it is very much possible.

We have clients on internet which is reporting to our internal SEPM via reverse proxy.

In addition to that please do the steps as per TECH173154 on your SEPM as a best practice.

Regards

Ajin

+1
Login to vote
Rafeeq's picture
Rafeeq
Reverse proxy between clients and SEPM: possible? - Comment:18 Mar 2013 : Link

@Ajin

Could you please share the details on how it was completed?

what did you use for reverse proxy? is it ISA ?

Please don't forget to mark your thread solved with whatever answer helped you : ) Rafeeq

0
Login to vote
AjinBabu's picture
AjinBabu
Reverse proxy between clients and SEPM: possible? - Comment:18 Mar 2013 : Link

Hi Rafeeq,

We are having a Public IP which is natted to our internal SEPM server via ISA. The Public IP has been added to MSL.

External Clients will communicate to Our SEPM for reporting and Policy updates and we have configured live update to take from internet.( Since it is on Cloud no need to come to SEPM for definition updates)

Regards

Ajin

+1
Login to vote
Rafeeq's picture
Rafeeq
Reverse proxy between clients and SEPM: possible? - Comment:18 Mar 2013 : Link

this would be same like placing sepm behind NAT. was more specific to the word "Reverse proxy"

thanks for sharing.

Please don't forget to mark your thread solved with whatever answer helped you : ) Rafeeq

0
Login to vote
diabolicus23's picture
diabolicus23 Partner Accredited
Reverse proxy between clients and SEPM: possible? - Comment:21 Mar 2013 : Link

Uhm... not exactly the same thing.

Reverse proxy refers to protocol too. I mean, if a protocol is not, let me say, "reverse-proxy-compliant", I cannot use it in this way.

0
Login to vote
Mithun Sanghavi's picture
Mithun Sanghavi Symantec Employee Technical Support Accredited
Reverse proxy between clients and SEPM: possible? - Comment:18 Mar 2013 : Link

Hello,

You may like to check this Thread: 

https://www-secure.symantec.com/connect/forums/how-do-i-securely-manage-sep-clients-accross-internet

Hope that helps!!

Mithun Sanghavi
Symantec Technical Support Engineer, SEP
MIM | MCSA | MCTS | STS | ITIL v3

Twitter: @mithun_sanghavi

Don't forget to mark your thread as 'SOLVED' with the answer that best helps you.<&a

0
Login to vote
SMLatCST's picture
SMLatCST Partner Accredited
Reverse proxy between clients and SEPM: possible? - Comment:21 Mar 2013 : Link

As per my comments in the thread Mithun linked, yap reverse/inbound proxies should work fine, but are unlikely to be supported by Symantec.

http://www.cstl.com/

0
Login to vote