Installation manual
ESET Gateway Security
To configure Firefox to use esets_http, click Tools > Options from the main menu, and click
Advanced. Click the Network tab and then click the Settings... button. In the Connection
Settings window, select the Manual Proxy Configuration option. Finally, enter the host name
or IP address in the HTTP Proxy (or FTP Proxy) field, and enter the Port values which esets_http
listens on (in this example, IP address 192.168.1.10 and port 8080 shall be specified). To reread
the newly created configuration, reload the ESETS daemon.
It should be noted that the configuration described here is not optimal for networks with
a large number of client computers. This is because the HTTP cache (if any) is present only in
the user agent; thus, the same source object is scanned multiple times when requested from
different user agents.
5.2.2. Manual proxy configuration of Squid Web Proxy Cache
The manual HTTP proxy configuration of esets_http with the Squid Web Proxy Cache is
illustrated by the right hand side of Figure 5-2.
The significant difference from the previously described configuration is that ESET Gateway
Security is installed on the HTTP/FTP Gateway between the proxy cache (Squid Web Proxy in
this example) and the Internet. Thus, all inbound HTTP/FTP communications are first scanned
for infiltrations and then stored in the dedicated network cache. In other words, all previously
requested source objects present within the proxy cache are already checked for viruses and no
additional checking is necessary when requested again.
In the following example, esets_http is configured to listen on port 8080 of the gateway
server, with a local network IP address of 192.168.1.10, by specifying the following parameters in
the [http] section of the ESETS configuration file:
agent_enabled=yes
listen_addr="192.168.1.10"
listen_port=8080
Note that the parameter ‘listen_addr’ can be used to specify the host name visible from the
local network and can also be used to make esets_http listen on all interfaces, by entering an
address of 0.0.0.0. Use caution in the latter case, as users outside the local network would be
allowed to use the HTTP/FTP scanner unless additional security is added to prevent this.
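One way to check the exposure caveat above before reloading the daemon, as an added example that is not part of the ESET manual: the Python sketch below parses an [http] section and classifies the listen_addr value. The function name, the status labels and the sample configuration text are assumptions made for illustration, and treating a publicly routable address as exposed goes beyond the 0.0.0.0 case the manual names.

```python
import configparser
import ipaddress

# Constructed sample: the [http] section shown in the manual, plus a wildcard variant.
MANUAL_CFG = '''
[http]
agent_enabled=yes
listen_addr="192.168.1.10"
listen_port=8080
'''
WILDCARD_CFG = MANUAL_CFG.replace("192.168.1.10", "0.0.0.0")


def audit_http_listener(cfg_text):
    """Return (status, detail) describing how exposed the esets_http listener is."""
    parser = configparser.ConfigParser(interpolation=None)
    parser.read_string(cfg_text)
    if not parser.has_section("http"):
        return ("missing", "no [http] section found")
    http = parser["http"]
    if http.get("agent_enabled", "no").strip().lower() != "yes":
        return ("disabled", "agent_enabled is not 'yes'")
    # Values are written with surrounding double quotes in the manual's example.
    addr = http.get("listen_addr", "").strip().strip('"')
    port = http.get("listen_port", "").strip().strip('"')
    if not addr:
        return ("review", "listen_addr is not set")
    try:
        ip = ipaddress.ip_address(addr)
    except ValueError:
        # Host names cannot be classified offline; flag them for manual review.
        return ("review", f"{addr!r}:{port} is a host name; check what it resolves to")
    if ip.is_unspecified:
        # 0.0.0.0: reachable on every interface, including external ones.
        return ("exposed", f"{addr}:{port} listens on all interfaces; restrict access")
    if ip.is_loopback or ip.is_private:
        return ("local", f"{addr}:{port} is bound to a local-network address")
    return ("exposed", f"{addr}:{port} is a publicly routable address")


if __name__ == "__main__":
    for name, text in (("manual", MANUAL_CFG), ("wildcard", WILDCARD_CFG)):
        print(name, audit_http_listener(text))
```

An "exposed" result means the listener needs a firewall rule or equivalent access restriction in front of it, which this check does not verify.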
To set up Squid to use esets_http as a parent proxy, add the following lines to the Squid
configuration file (/etc/squid/squid.conf):
cache_peer 192.168.1.10 parent 8080 0 no-query default
acl all src 0.0.0.0/0.0.0.0
never_direct allow all
In the example above, Squid has been configured to use the HTTP proxy listening at IP address
192.168.1.10 on port 8080 as a parent proxy. All requests processed by Squid will be passed to
this destination. The remaining lines are used to configure error message reporting in the event
that the parent proxy is down or becomes unreachable. To configure Squid to attempt direct
connections when the parent proxy is unreachable, add the following parameters to the Squid
configuration file: