Showing results for 
Show  only  | Search instead for 
Did you mean: 

Questions on McAfee Web Gateway

Hi Team,

As I am working on McAfee Web Gateway, I have below few questions:

1.     Can i configure my web gateway not to scan or filter my intranet websites

2.     Admin Logs: How to check what all policy changes super administrator had done through McAfee GUI

3.     How to check real time access logs through GUI e.g. currently how many users are browsing or or or who is downloading what. If yes then how

4.     In case if we can see the information asked in point no. 3 then can we terminiate the session of a particular user.If yes then how

5.     Web cache feature : what are the feature avilable with McAfee webgateway

6.     How we can block a single character in single policy ( candy word  need to be blocked )

Early response would be great help.


6 Replies

Re: Questions on McAfee Web Gateway

1) You can put a criteria on your scanning ruleset to prevent local addresses from entering, OR put a "white list" rule somewhere above your scanning that applies to the request cycle, and does a stop cycle on for internal addresses.

2) Check the Audit log under Troubleshooting > Log files

3) Send access log data to Content Security Reporter via SYSLOG.

4) what do you mean terminate a session?  when you open your browser to, the connection only lives while content is being downloaded.  There isn't a session that exists in a live connection for most of web traffic.  What is your end goal or use case?

5) Page 302 of the product gude:

6) I don't know what you are asking.

Re: Questions on McAfee Web Gateway


Thanks for your response. Kindly find my question below:

1.     I tried this but it was not sucessful. Can you please post a sample ruleset for the same.

2.     Apart from the audit log can we see the logs in dashboard or in GUI.

3.     I understand from your response that we have to transfer real time logs to content reporter which will allow us to have brief look at it. But are you sure that it would be a           real time as we are transferring the same.

4.     Terminating session means if 10 users are browsing and if i can see it online through logs or content security reporter, can i end or terminate their           sessions.

5.      I will go through the document. Thanks.

6.     If i want to block any character like candy..meaning if for e.g. somebody browse or search for candy word in google it should be block. Some kind of content/character base blocking.


Level 12
Report Inappropriate Content
Message 4 of 7

Re: Questions on McAfee Web Gateway

4) what do you mean terminate a session?  when you open your browser to, the connection only lives while content is being downloaded.  There isn't a session that exists in a live connection for most of web traffic.  What is your end goal or use case?

This sounds like hdkothari may have been a Bluecoat user.   🙂   One nice thing Bluecoat proxies have (and maybe one of the few only nice things) is a nice way to view current connections through the proxy and sort by size/time of the session... so if some jackhole is streaming the  $bigSportingEvent and has been doing so in HD for the past 3 hours while you have a high CPU issue on the proxy....   with 2 clicks you can terminate that connection that may be sitting in the background of his computer being unwatched.    Or downloading every iso on the planet from a given site, etc.  

I haven't found analogous functionality in MWG to this very nice feature of the Bluecoat proxies.       I'm in the 7.3 branch... is there anything new on this real time "who's sucking up all my proxy bandwidth and CPU"  viewing in later versions?

on 2/27/14 9:15:00 AM CST

Re: Questions on McAfee Web Gateway

In reply to Item 6
I have managed to do something similar.
I had a requirement to block the content from a webpage if it contained a word - such as flippetyflop

I created a rule that allowed you to do that. It is basic, but it works.
Feel free to try it, I would appreciate if you would let me know if it works for you, or if you can make it better.

Hope this helps


McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 6 of 7

Re: Questions on McAfee Web Gateway

Simple, but effective. Please note that this rule causes MWG to parse every (readable) body that walks through. If you call such a rule for every URL that is requested by users you may see some performance impact, so you may want to restrict such rules to only be called after "cheaper" tests. For example you can execute such a check only for websites in a specific category or when its reputation is bad.

You can also tie the check to criteria like MediaType equals text/html to only search in HTML objects.

As usual there are multiple ways to find a solution.



Re: Questions on McAfee Web Gateway

You are correct, I did have some criteria in mine to restrict it back to a subset of users coming from an IP range. But to make the rule "anonymous" so I could share it, I removed the criteria details from it.

*I also forgot to add that in my setup, this rule is below all of the Authentication and Category filters

Slightly off topic, but my next attempt is to see if I can get it to change the word from for example 'flippetyflop' to 'floppetyflip'

But alas work has got in the way.



You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community