Manualshelf

Installation guide

ManualsBrandsMicroweb ManualsComputer equipmentPRO Series
111112113114115116117118119120
Trend Micro™ InterScan™ Web Security Virtual Appliance 6.5 Installation Guide
C-6
SQUID - IWSVA bundles the popular open source caching program, called Squid, to
offer customers an economical way to cache web content without paying additional
licensing fees. With IWSVA 3.1, Squid can be enabled through IWSVA's CLI interface
and is deployable as a downstream proxy or an upstream proxy in relation to IWSVA.
Starting with IWSVA 5.1, basic Squid configuration, reporting and enablement is
integrated with the IWSVA 5.1 Web console. Squid is supported in upstream proxy
mode with IWSVA 5.1. Squid support is offered through the open source community
and is provided by Trend Micro on its Web Gateway products for convenience.
Proxy Pac File - Simple load sharing can be created through a proxy pac file if you are
deploying in Forward Proxy mode. Many customers have experienced good results by
creating a proxy pac file that routes traffic to a specific IWSVA device based on source
IP address or source network. This allows you to manually scale your network and to
load share users across many IWSVA servers without any added costs or network
complexity.
You can also configure the proxy pac file to return multiple proxy servers to build a
simple redundancy solution. Be aware that not all browsers may be able to interpret the
multiple proxy server response. If they can't interpret the multiple proxy servers,
redundancy will not be possible.
Layer 4 Load Balancing Switches - IWSVA can support external load balancing
switches in Forward Proxy Mode using the “simple transparency” feature. Having an
external load balancing switch adds additional cost and configuration complexity, but
delivers the highest performance and flexibility in terms of redundancy and load sharing.
Commercial load balancers that Trend Micro customers have used successfully include
Foundry Networks/Brocade, F5, and Citrix NetScaler. If cost is a consideration,
alternative open source software-based load balancers such as Red Hat Enterprise can
also provide good scalability and redundancy options.
If installing under VMware, consider using VMware's redundancy and fault tolerant
functions to create a robust and scalable solution. These include:
•VMotion
vSphere Fault Tolerance Services
Be aware that at the time of this writing, vSphere's Fault Tolerance service only permits
one virtual CPU. This allows a full redundant solution to be developed, but offers less
performance due to the single CPU limitation. For more information on setting up a
vSphere FT configuration, refer to the Best Practices Guide for Utilizing VMware Fault
Tolerance for High Availability document on the VMware web site.