Our customer want to deploy Web Gateway(Webwasher) in a asymmetrical routing environment, the user did not defined the proxy server in browser.
We deploy Web Gateway in transparent mode. If the user trigger the block rule, he will see a block page. The protection function like URL filter, file filter, Anti-Malware are workable, but the user can not connection to normal web site.
And deploy Web Gateway with Web Inspector in sniffer mode, only URL filter works on this architecture. It is not enough for the customer.
Does someone have suggestion for this kind of environment?
The attachments are the figures.
I would like to clarify a few things in the setup.
I don't think the diagrams you have attached properly describe the traffic flow for the transparent mode. How exactly do you have it setup in transparent mode? Is it WCCP, default gateway, or Layer 4 redirect to the Web Gateway?
When the Web Gateway is setup in a transparent mode it will make the request for the client and the WG will send the response back to the client allowing the WG to perform filtering. The problem you could be encountering might just be that the WG is unable to route back to the client.
Also, in your diagram there would be no anti-malware scanning (of the response) because the response does not pass through the Web Gateway.
Sorry for the delay of reply.
Yes, we deployed Web Gateway in transparent mode, the client could receive the block page, but can not connect to the normal site.
We deployed the Layer 4 redirect the traffic to Web Gateway to do the filtering. And we found the feature on safe search and TrustedSource block do not work.
Message was edited by: Bryan Lan on 2/4/10 4:02:41 AM CSTMessage was edited by: Bryan Lan on 2/4/10 4:04:37 AM CST