Message Image

Skip main navigation (Press Enter).

Virtual Secure Web Gateway

View Only

Back to discussions

Expand all | Collapse all

Is Web Gateway required to be "inline" to block content detected by DLP Prevent for Web

Migration UserSep 24, 2014 05:20 PM

We will be implementing Web Gateway as a proxy for http and https traffic with SSL deep inspection. Then ...

SMLatCSTSep 25, 2014 07:02 AM

DLP integration with SWG relies on the ICAP feed from the proxy part f the SWG only, so will work fine ...

1. Is Web Gateway required to be "inline" to block content detected by DLP Prevent for Web

0 Recommend
Migration User
Posted Sep 24, 2014 05:20 PM

Reply Reply Privately
We will be implementing Web Gateway as a proxy for http and https traffic with SSL deep inspection. Then integrate with DLP Prevent for Web over ICAP to inspect and determine if traffic should be blocked.

Page 25 of the Web Gateway implementation guide under Blocking Mode states that the Web Gateway must be instaled inline to block file transfers. If we are looking to block http and https traffic based on the results of the DLP Prevent for Web policies can the Web Gateway be installed as proxy only (not inline or inline + proxy)?
2. RE: Is Web Gateway required to be "inline" to block content detected by DLP Prevent for Web

0 Recommend
SMLatCST
Posted Sep 25, 2014 07:02 AM

Reply Reply Privately
DLP integration with SWG relies on the ICAP feed from the proxy part f the SWG only, so will work fine with either "Proxy only" and "Inline + Proxy" modes.

I suspect that comment about file transfer blocking being available in "Inline" only is reminiscent of SWG 4.5 and earlier (before the proxy component was introduced) and is no longer accurate.

Copyright 2019. All rights reserved.

Powered by Higher Logic