Secure One Services Group

Expand all | Collapse all

Symantec Web Security Gateway and Unified Agent

  • 1.  Symantec Web Security Gateway and Unified Agent

    Posted 12-07-2017 10:09 PM

    Hi all, 

    I have 1 head office (300 users) and 4 branches (each branches 70 users). I am going to: 

    - Invest 1 box ASG-S200-40 with BCIS license and Reporter virtual applicance at head office. 

    - Users at branches will install Unified Agent and update database Web filter from ASG at head office. So, users at branches will connect to internet directly and Unified agent will control the policy at laptop or desktop. 

    I read User Guide of Proxy and I think this diagram can operate. But I have some concerns: 

    - With reporter at head office, Reporter can export Report about Internet usage, top bandwitdh for users at branches? 

    - If install Unified agent at laptop and all database of web filter will be applied at laptop with Unified Agent, the laptop will run slowly or will be heavy?

    Thanks a lot for your all support. 


    Peter Vo

  • 2.  RE: Symantec Web Security Gateway and Unified Agent

    Posted 12-26-2017 08:08 AM

    Hi All,

    Do you have any idea of installing Bluecoat Unified agent silent installation mode ? If so please help me in packaging the setup file for remote deployment .

    Thanks in advance



  • 3.  RE: Symantec Web Security Gateway and Unified Agent

    Broadcom Employee
    Posted 01-25-2018 09:20 AM

    Hi Peter -

    A better solution may be to leverage Symantec's Web Security Service for your remote users.  You will be able to manage policy from your main office using the Symantec Management Center VM and enforce consistent policy across all locations/users.  You would then have the option to either store/view your web access logs locally or in the WSS Cloud.

    With regard to Unified Agent running on the desktop - it can run in 2 modes.

    1. Leveraging WSS - all web requests are sent securely to the WSS and categorization/proxy/policy enforcement/scanning happens in the cloud - this is the recommend mode.

    2. Local enforcement - this is how the older ProxyClient software worked - UA receives policy from your ASG, and then queries the Symantec Global Intelligence Network for the categorization of each web request.  There is limited support for HTTPS traffic and there is no file hash reputation checking, av scanning, or advanced machine learning scanning, that you would get on the ASG or in WSS.


  • 4.  RE: Symantec Web Security Gateway and Unified Agent

    Posted 01-31-2018 09:42 AM


    - we can use unified policy model for WSS and ASG- Pretty much you can replicate for cloud and onprim if not all.

    - Push all the logs to same reporter, for branch users on WSS can setup RP to download logs from cloud, now you have everything under once console.

    -unified agents are with low footprint on the machine, it will not cause any slowness on machines.