We are in process of evaluating the webgateway appliance within our enterprise. and somehow we have some ocncerns about our topology and security.
I will explain in brief what are our concerns
1- We need the webgateway to filter all the Web trafic for all the users
2- we have users with MAC
3- we have pcs that uses DHCP, WIFI, Fixed IP
What would be the best practice to redirect all the users to the webfilter as obrigation? knowing that MAc users cannot configure a manual proxy within there machine.
and the default gateway within all machine is our first router.
Can i put the webgateway as a default gateway for everyone?
And what if the user sends a traffic with any diffrent port that the gateway supports? how the gateway treats these packages?
What will happen if i put a firewall between teh users and teh webgateway and let teh firewall decide where to send the packages based on port numbers etc...
does the gateway in this case regognize who sent the request?? (reports per user/ip are important for us)
HOw the gateway deals with these diffrences? Pc with proxy set manual or through group policy and machines without proxy?
Appreciate your help.
What about the other traffic? other ports etc.. how the Gateway will treat it? all the traffic from inside to outside the company will go through it..
also we have a DMZ zone after the gateway.. so some of the traffic between teh users and this DMZ will pass through it also.