Data trickling (response modification only)
Table 160 Option definitions
Option
Definition
Enable data trickling
Enables the downloading of large files to the client before the whole file has been
received from the server. Caution: Data trickling can leave your network
vulnerable to viruses and other potentially harmful software because the file is
not fully scanned. For this reason, we do not recommend data trickling.
Data trickling
Default values are:
Delay before data trickling starts — 15 seconds
Trickle data every — 10 seconds
Amount of data to trickle each time — 1024 bytes
Maximum amount of data to trickle — 10%
Enable data trickling
during data receipt
When selected, enables data trickling during data receipt.
This is an advanced feature for NetCache clients only,
Permissions (request modification only)
Table 161 Option definitions
Option
Definition
Denied Verbs
Displays the HTTP verbs that cannot be used in the communication between the ICAP
client and the appliance when the ICAP client uses the REQMOD option. When you add
any HTTP verbs to this list, by implication, you permit the use of all other verbs that are
not in that list.
Permitted
Verbs
Displays the HTTP verbs that can be used in the communication between the ICAP client
and the appliance when the ICAP client uses the REQMOD option. When you add any
HTTP verbs to this list, by implication, you deny all other verbs that are not in that list.
Denied
Schemes
Displays the request schemes that cannot be used. URLs include text that defines which
resource is being requested.
After you add any schemes to this list, by implication, you permit the use of all other
schemes that are not in the list.
Permitted
Schemes
Displays the request schemes that can be used. URLs include text that defines which
resource is being requested.
After you add any schemes to this list, by implication, you deny the use of all other
schemes that are not in this list.
Permitted
Ports
Displays the HTTP port numbers that the appliance will use when forwarding traffic. For
security reasons, the appliance forwards requests only to certain port numbers, which
prevents hackers tunnelling different protocols over a HTTP connection. Use this option
for HTTP traffic that is not sent over the SSL.
The entry 1025- means port number 1025 or above.
Permitted SSL
Ports
Displays the HTTP port numbers that the appliance will use when forwarding traffic over
SSL (Secure Socket Layer). For security reasons, the appliance forwards requests only
to certain port numbers, which prevents hackers tunnelling different protocols over a
HTTP connection.
The port numbers that can be used depend on the HTTP verb. Access using the
CONNECT verb is most tightly restricted, because once this verb has been accepted,
there is little restriction on the data that can be transferred. Web browsers configured to
operate in proxy mode use the CONNECT verb when trying to initiate a HTTPS
connection running over SSL.
The entry 1025- means port number 1025 or above.
Typical values are 443 (HTTPS) and 563 (SNEWS).
Overview of Web features
Web Configuration
McAfee Email and Web Security Appliances 5.6.0 Product Guide
173
Summary of Contents for MAP-3300-SWG - Web Security Appliance 3300
Page 1: ...Product Guide McAfee Email and Web Security Appliances 5 6 0 ...
Page 6: ......
Page 20: ......
Page 28: ......
Page 58: ......
Page 206: ......
Page 310: ......
Page 322: ......
Page 324: ......
Page 326: ......
Page 333: ......
Page 334: ......
Page 335: ......
Page 336: ...700 2647A00 00 ...