Now posted to : https://www-secure.symantec.com/connect/ideas/development-suggestions-web-gateway-virtual
Hi,
I'm currently testing the virtual appliance Version 5.0.2.8 and have a couple of suggestions to offer.
Regards, Graeme.
1) After Hours Configuration
Could this be further developed to allow selection of minutes as well as hours?
Could we have more than one definition of after hours to cater for lunch times?
2) Policy order / matching
I'm finding that the way that policies match user groups / IP addresses is a little restrictive. Could we have a tick box on each policy which allows the system to continue matching against other policies? In this way policies could be layered to simplify administration.
In our current solution, for example, policies are evaluated as a whole which means that I can create an all users policy and a senior staff policy. The senior staff policy only contains exceptions to the normal rules. Otherwise, whitelist items and configuration changes need to be added to each staff group policy. Further, the multi hours suggestion above would also not be required as a 'lunch time' policy could be layered onto a standard policy.
3) Documentation
I have found it quite tricky to work out how best to configure the gateway for our environment. The particular areas of confusion included Authentication (when to use NTLM/DCInterface) and Operating Modes. If the documentation had included a scenario guide asking the questions "When should I use NTLM" or "What are the limitations of Proxy mode". Even a couple of tick-box tables showing what works in which environment might be helpful.
4) Network Interfaces
I'm sure there is a good technical reason why the management interface must be on a separate network. Could it be an option to allow management on the LAN connection to simplify Proxy mode deployments?