We are using McAfee Web Gateway 6 now and weare planning to integrate MWG-6 with Linux Squid Server for High Availability .
Anyone can guide me how to do above task and Provide merequired documentation.
there are many ways to integrate Web Gateway with Squid. Can you please let us know what exactly you want to do?
- You can integrate Squid and Web Gateway via ICAP protocol:
- You can point your Clients to Squid and configure Squid to talk to Web Gateway via Next-Hop Proxy:
On the Web Gateway side there is usually nothing to do, most configurastion needs to take place on Squid. If you share details about what you want to do, we will be able to assist you.
We are using MWG-6 in one of my branch office and we are planning to configure SQUID Serverin other branch,
we have good bandwidth for both branches.
As per my requirement we want keep Web Gateway and SQUID Server in HA Mode.
We don’t want to define any new policies in SQUID Server, what are the Policies we have in Web Gateway those policies should forward to SQUID Server whenever the clients access.
I am not sure if I understood so far. From what I got you currently have two office locations, for example "Office A" and "Office B".
"Office A" is using Web Gateway to access the Internet, so Internet access is filtered.
"Office B" is using Squid at the moment, to access the Internet.
You want to have your Users in "Office B" protected by Web Gateway in "Office A". I assume the browsers in "Office B" point to Squid, and you probably do not want to touch any machine, so you would like to tell Squid in "Office B" to send all traffic to the Web Gateways in "Office A".
You want Squid to pass all necessary information to be able to use the existing policies on Web Gateway in "Office A".
Can you let me know if I am right?
If not, maybe you can add a quick picture of the "current" situation and the "result" you want to have?
alright, so in that case I would generally leave the Users in "Office B" talk to the Squid server, and tell Squid to forward all requests to the Web Gateway in "Office A". With the "cache_peer" configuration parameter in Squid (see http://www.squid-cache.org/Doc/config/cache_peer/) you can tell Squid to forward all User Requests to Web Gateway.
If this is acceptable for you the biggest challenge will be the Mapping of Policies on the Web Gateway.
How are you currently assigning policies? Is this based on
- IP addresses
- User Names
- Group Names
or a mix of multiple methods?
Is the Squid currently doing any kind of authentication at the moment?