Skip navigation
McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams
Currently Being Moderated

MWG Best Practices and Common Scenarios

VERSION 14  Click to view document history
Created on: Mar 21, 2013 12:42 PM by Sven Welschen - Last Modified:  Apr 17, 2014 9:50 AM by Sven Welschen

Welcome!

Dear MWG Fan Community,

 

Now that MWG 7 has been around for a little bit and we have plenty of experience with the dos and don'ts of this most powerful web gateway ever, we figured it was time to get some best practices out there and spread the word about some of the awesome features MWG has to offer.

 

Below is a collection of documents written to help you understand the MWG better and hopefully cover some of the common cases you as an Admin experience.

Part of the idea is to collect feedback (No, not the feedback.zip this time ) from you as community contributors and keep improving and adding to the collection. If you have a topic that you would like to see covered or learn more about, please let us know in the comment section below.

 

 

We hope you find this collection of best practices and common cases interesting and ultimately helpful in making your admin life easier. Let us know what you think and keep comments and suggestions coming!

 

Your MWG Team

 

 

Deployment Considerations

General

Rule Engine Tracing

Upgrading your Web Gateway (Release Branches and Options Explained)

Automatic Backups with a Little Trick

 

Deployment Modes

Direct Proxy vs. Transparent Deployments

WCCP Explained

Proxy HA explained

McAfee Client Proxy (MCP) with Web Gateway

Hosting your Proxy.pac/WPAD.dat on the MWG

Transparent Bridge Gotchas

Central Management

Central Management Explained

Proxy related

Via and X-Forwarded-For headers (Proxy Loop Prevention)

FTP over HTTP Explained

Progress Indication Methods Explained

Introduction to Reverse Proxy

 

Filtering Policy

Understanding and Optimizing your Rules

Policy Assignments

Default Policy Changelog

Error Handling (Are you failing open yet?)

Customizing your Block Pages

Authentication

Different Options explained for different Deployment Methods

NTLM Domain Membership Explained

Kerberos with MWG, the ultimate guide

LDAP Authentication on the McAfee Web Gateway


Filtering/Whitelisting/Blacklisiting

Creating URL related list entries

User-Agents explained

Subscribed lists and how they can help with problematic connections

mwginternal.com - Get Creative with your Rules

Subscribed Lists and External Lists Format Examples

 

 

HTTPS Considerations

What is the "Client Context" and why do I need it?

How to Roll Out a CA to your Clients

What to consider when whiteliting HTTPS URLs

HTTPS in transparent deployments and how SNI can help

SSL Scanner Rule Examples

 

Common Troublemakers

HTTP 502's explained

Streaming Video and how the MWG Streaming detector helps

Flash Videos (via RTMP) do not play

Logging/Monitoring

How Log Files work and How to create your own

Notifications and Alerting Options

Monitoring File System Usage

Sending Access logs via syslog

Access logs in CEF (syslog)

 

Reporting

Configuring MWG and Web Reporter to make some Pretty Reports

Adding a custom Log Field to your Reports

Considerations when enabling group reporting

Database maintenance and cleanup (Don't run out of disk space on your Server!)


Hardware/Appliance

Remote Access Cards (RMM/DRAC) and why they are an Admins Best Friend

Partition Resizing (need more space for log files?)

Offline Updates for Environments with no Internet Access

Restoring your Config after a Hardware replacement

Adding a Hard Drive back into a RAID array

Contact McAfee

Technical Support

Uploading Files for MWG Support

URL Feedback

URL Categorization Submissions to Trustedsource

AV Feedback

False Detection Submissions (KB62662)

 

 

Changelog

2013-10-04 - Added "Introduction to Reverse Proxy", "LDAP Authentication on the McAfee Web Gateway", "Subscribed Lists and External Lists Format Examples", "Rule Engine Tracing"

2013-09-30 - Added "Sending Access logs via syslog", "mwginternal.com explained", "Automatic Backups", "Restoring your config after a hardware replacement"

2013-09-27 - Added " Offline Updates", "Customizing Block Pages", "SSL Scanner Rule Examples"

2013-09-27 - Added "Progress Indication Methods Explained", "Transparent Bridge Gotchas", "How to Roll Out a CA to your Clients", "Partition Resizing"

2013-06-27 - Added "NTLM Domain Membership", "Configuring MWG and WR", "Custom Log Field Reporting", "Group Reporting pitfall", "WR DB maintenance"

2013-06-27 - Added "WCCP Explained", "Direct vs. Transparent Proxy", "Hosting Proxy.pac", "Rule Optimization", "MCP"

2013-06-25 - Added "Error Handling", "Upgrading", "SNI explained", "FTP over HTTP"

2013-05-16 - Added "Flash videos (via RTMP) do not play"

2013-05-03 - Fixed link for "502' explained"

2013-03-29 - Added "Notifications and Alerting", "Submitting URLs" and "How Logging works"

2013-03-28 - Initial Release

Comments (6)