Manualshelf

User guide

ManualsBrandsWatchguard ManualsComputer equipmentFirebox X4500
151152153154155156157158159160
User Guide 147
Proxy Settings
About the Outgoing Proxy
The Outgoing policy applies to all outgoing network traffic, including traffic managed by other common
policies such as HTTP or FTP. As a packet filter policy, you can restrict which IP addresses can send traffic from
the trusted or optional interfaces to the external interface. As a proxy policy, you can set specific options for
different types of traffic and monitor connections for instant messaging (IM) or peer-to-peer
(P2P) applications. You can also apply the Outgoing policy to a manual VPN tunnel.
When you enable the Outgoing proxy policy, you can:
Choose to allow or deny different types of network traffic.
Select an HTTP, HTTPS, or SIP proxy policy to manage those traffic types.
Block or log packets sent by IM and/or P2P applications.
To enable the Outgoing proxy policy, see Enable a common proxy policy
. Then, if you choose, edit the proxy
definition as described in Add or edit a proxy policy
. The options that are available only for the Outgoing proxy
policy are described below.
Settings tab
You can use the Settings tab of the Outgoing proxy policy to quickly manage different types of outgoing
network traffic. To change the setting for a protocol, select an option from the adjacent drop-down list. To
permit all outgoing network traffic for the specified protocol, select Allow. To block all outgoing network
traffic for the specified protocol, select Deny. If you want to use a common or custom proxy policy to manage
HTTP, HTTPS, or SIP traffic, select a proxy policy.
Content tab
Many organizations do not allow users to operate IM or P2P applications, or permit the use of only one
approved application. You can allow or block all outgoing traffic from these programs:
Instant messaging applications: MSN, Yahoo IM, AIM, IRC, ICQ IM
Peer-to-peer applications: BitTorrent, Ed2k, Gnutella, Kazaa, Napster
To allow or block one or more IM or P2P applications, select the adjacent check boxes, then choose Allow or
Deny from the drop-down list. When you select Allow, the Edge adds information about the network traffic
sent by the specified applications to the system log.
About additional security subscriptions for proxies
You can purchase additional security subscriptions that work with the Firebox X Edge proxies to add even
greater security to your network. These are subscription-based services offered by WatchGuard. For purchase
information, visit the WatchGuard LiveSecurity web site at http://www.watchguard.com/store
or contact your
WatchGuard reseller.