ProxySG & Advanced Secure Gateway

 View Only
  • 1.  SGOS 7.3 (New Content and Access Policies)

    Posted Nov 10, 2021 11:56 AM
    The below new Content and Access Policies which have been added in SGOS 7.x. Can you please explain what do they do exactly? Any KB which talks more on these.

    Content Policy

     


    Access Policy



    Feedback on the below is appreciated.

    1) if we enable the default access policy where it will automatically block sites with risky categories, high threat risk levels and executables downloaded from untrusted destinations. Can we know exactly what would be blocked once it is enabled? and if we enable it, do we still need to create policies for risky categories, high risk levels etc. etc. or this policy will automatically take care of it.??

    2) Once we enable this default Content Filter policy for ICAP scanning with CAS. Can we know exactly what would be scanned and bypassed by CAS and what type of content Proxy will forward to CAS for scanning?  Do we still need to install the Content Analysis best practice policy (For improving performance and excluding objects from Scanning) on ProxySG that we used to do in the past? or with this new Content filtering policy we are not required to install the below CAS best practice policy on ProxySG.




    ------------------------------
    Symantec Enthusiast
    ------------------------------


  • 2.  RE: SGOS 7.3 (New Content and Access Policies)

    Broadcom Employee
    Posted Nov 10, 2021 05:59 PM
    Hi SymSpec,

    More information on the actual security policy can be found here. For what specific categories are blocked at each level, see this KB.

    Hope that helps!


  • 3.  RE: SGOS 7.3 (New Content and Access Policies)

    Posted Nov 11, 2021 10:49 AM
    Thanks Jacob for your reply.

    Can you please clarify the below?

    1) After enabling Content Filter Policy do we still need to install CAS best practice policy on ProxySG?

    2) Can you please share how to modify the exception page of Access policy block with a user defined block page?




    ------------------------------
    Symantec Enthusiast
    ------------------------------



  • 4.  RE: SGOS 7.3 (New Content and Access Policies)

    Broadcom Employee
    Posted Nov 11, 2021 03:36 PM
    Hi SymSpec,

    The content filter policy is going to take up a good chunk of what was in the best practices CPL, as you can see what is bypassed at each level here. If you were simply copy / pasting the best practice CPL, and didn't have any of your own additions, then yes, the best practice policy would be redundant if you are using a Content Security Layer. 

    As far as the exception page goes, to my knowledge, if you use an Access Security Layer, then you get the default policy page (as outlined here under Identify Access Security policy exceptions). The Access Security Layer is supposed to be something fast and easy to set up, and so it doesn't necessarily offer all the features that a normal Web Access Layer could. If you wanted to have a user defined block page, then you would need to recreate the same logic the Access Security Policy Layer does in a Web Access Layer.

    Hope that helps!