soft-tronik, a.s

14

SOFT-TRONIK, a.s. ProxySG’s Policy Michal Červinka Pre-sales SE

Upload: argus

Post on 22-Jan-2016

56 views

Category:

Documents

0 download

Report

Download

Embed Size (px):

DESCRIPTION

SOFT-TRONIK, a.s. ProxySG ’s Policy. Michal Červinka Pre-sales SE. Construction - Policy Files. VPM created via Visual Policy Manager Local Policy File manualy created CPL Central Policy File global setting managed by BCSI by default Forwarding Policy File - PowerPoint PPT Presentation

TRANSCRIPT

Page 1: SOFT-TRONIK, a.s

SOFT-TRONIK, a.s.ProxySG’s Policy

Michal ČervinkaPre-sales SE

Page 2: SOFT-TRONIK, a.s

Construction - Policy Files

• VPM– created via Visual Policy Manager

• Local Policy File– manualy created CPL

• Central Policy File– global setting managed by BCSI by default

• Forwarding Policy File– forwarding rules (for backward compatibility only)

Evaluated in THIS order by default …

Page 3: SOFT-TRONIK, a.s

Construction - Policy Layers• <admin> Admin Authentication Layer• <admin> Admin Access Layer• <dns-proxy> DNS Access Layer• <proxy> SOCKS Authentication Layer• <ssl-intercept> SSL Intercept Layer• <ssl> SSL Access Layer• <proxy> Web Authentication Layer• <proxy> Web Access Layer• <cache> Web Content Layer• <forward> Forwarding Layer

Prefered ordering

Evaluated sequentialy

Page 4: SOFT-TRONIK, a.s

Construction – Design of Layers

• Separate decisions in separate layers

• Start with general, proceed to more specific

• Remember the default policy– ALLOW usualy for app acceleration– DENY typical for security GW

Page 5: SOFT-TRONIK, a.s

Construction - Policy Rules

• Rules evaluation– reflects order within the layer– „first match“ model

• Design rule– go from specific to general

Page 6: SOFT-TRONIK, a.s

Integrity – ALLOW vs. OK

• ALLOW can reverse a previous denial• OK action available as „empty“ action

Page 7: SOFT-TRONIK, a.s

Integrity – DENY vs. FORCE DENY

• DENY can be overridden by a later ALLOW• FORCE_DENY terminates further policy

evaluation• The same for exception vs. force_ exception

Page 8: SOFT-TRONIK, a.s

Optimization

• Try to avoid regular expressions– they are too CPU-intensive

Page 9: SOFT-TRONIK, a.s

Optimization

• Place rules most likely to match at the beginning of the layer

• Place like conditions together within the layer– let the compiler optimize

Page 10: SOFT-TRONIK, a.s

Optimization

• Use subnets when possible– or group by „define subnet“ definition

Page 11: SOFT-TRONIK, a.s

Optimization• Use definitions to minimize the number of rules

Page 12: SOFT-TRONIK, a.s

Optimization

• Select the Appropriate URL Condition

Page 13: SOFT-TRONIK, a.s

Optimization

• Use Layer Guards– to prevent layers from being evaluated unnecessarily

Page 14: SOFT-TRONIK, a.s

Michal ČervinkaPre-sales [email protected]

SOFT-TRONIK, a.s. OstravaTvorkovských 5709 00 Ostrava - Mariánské Horytel.: +420 597 488 811 fax: +420 596 622 486

PrahaNagano Office and Technology Park,Nagano IIIU nákladového nádraží 10130 00 Praha 3tel: +420 266 109 211 fax: +420 283 840 236

www.soft-tronik.cz

SOFT-TRONIK, a.s. Provisioning – cesta k zjednodušení XenApp

RELAZIONE PROGRAMMA ANNUALE 2018-1 · a.s. 2010/11 a.s. 2011/12 a.s. 2012/13 a.s. 2013/14 a.s. 2014/15 a.s. 2015/16 a.s. 2016/17 ... sottolineati, sia in modo formale che informale

Tagliavini Rotor stikovn - tomsbageriservice.dk · Tagliavini Tronik herdovn TRONIK, en elektrisk herdovn der er unik, innovativ, har operative fordele og er energisparende i forhold

BAHAGIAN AKIDAH TAJUK 8 : BERIMAN KEPADA RASUL … · (ii) Nabi ( Yahya a.s / Yaakub a.s ) merupakan putera kepada nabi Ishak a.s. (iii) Nabi ( Ayub a.s / Isa a.s ) menempuh ujian

TESLA Hloubětín a.s. · TESLA Hloub ětín a.s. ANTENNA

SOFT-TRONIK, a.s

DOCUMENTO DEL CONSIGLIO DELLA CLASSE QUINTA SEZ.E a.s. … Documento 15... · 2019-06-04 · 6 Alunni IMUN Potenziamento delle Soft-skills,in particolare: -flessibilità e adattabilità

Générateur de fonction programmable Préparation et ...ensieg.dox.free.fr/1A_ENSIEG/tronik/be tronik/BE15_Gene_fonction... · V2 V3 i1 i2 i3 Le courant i1 vaut!: R Vref i 2 1= Le

kostum66.ru · Soft Line Soft Line Soft Line Soft Line Soft Line Soft Line Soft Line Soft Line Soft Line 2 Smart Casual Smart Casual Smart Casual

Manpower Consultancy in Mumbai - A.S. International...Our database comprises both soft and hard copies of resumes of at least 80,000 in soft-and 20,000 in hard copies. We have a wide

User Manual - Medical Tronik · PDF fileUser Manual Operation & Installation ... Diplode Electrode ... Load Resistance and Applicator Spacing

Remote electronic regulation AG-TRONIK S1

A.S. 2009/2010 - A.S. 2010/2011 - cardarelli-massaua.gov.it · A.S. 2010/2011 GIOCHINSIEME. NOI ALLA SCUOLA MEDIA A.S. 2010/2011 ATTIVITÀ CINEFORUM. NOI ALLA SCUOLA MEDIA A.S. 2010/2011

Soft COLOur ChArT Van GOGh SOFT paSTelS - malirskeplatna.cz · SOFT PASTELS SOFT PASTELS SOFT PASTELS SOFT PASTELS SOFT PASTEL Soft PASTELS AuxiLiAriES The following auxiliaries are

FR:ZAIDEL A.M. TO:ZAIMOVSKIY A.S. · Title: FR:ZAIDEL A.M. TO:ZAIMOVSKIY A.S. Subject: FR:ZAIDEL A.M. TO:ZAIMOVSKIY A.S. Keywords

A.S. 1 F.P. A.S. 2 F.P. A.S.3 F.P. A.S. 4 F.P. A.S ... - ANAF

FIRMENPRÄSENTATION TAFORGE A.S. . Über die Gesellschaft TATRA Taforge a.s. gehört zur Beteiligungsgesellschaft TATRA, a.s.

016. Nabi Musa a.s & Harun a.s

Monark 837E RECUMBENT - Medical Tronik

Studiengangsprofil Mecha tronik , M.Sc. - Uni Stuttgart€¦ · Studiengangsprofil Mecha tronik , M.Sc. an der Universität Stuttgart Stand WS 201 5/1 6 Fakultät Konstruktions -,

Bezpečnost: Pohádky pro malé dě ti?€¦ · Bezpečnost: Pohádky pro malé dě ti? T-SOFT a.s. Informační systémy a bezpečnost na zakázku Jaroslav Pejčoch, [email protected]

VÝROČNÍ ZPRÁVA ČEPS, a.s., 2016 ČEPS, a.s. 2016 ANNUAL …ftp.pse.cz/Annual.rep/2017/CEPSX012017.pdf · vÝroČnÍ zprÁva Čeps, a.s., 2016 u Čeps, a.s. 2016 annlat reporÚ

PNE 33 0000-8tisk1 · PRE Praha a.s., Skupina ČEZ: Středočeská energetická a.s., Západočeská energetika a.s., Východočeská energetika a.s., Severočeská energetika a.s.,

JS Aupperle GmbH - Produkter • Tryckluftsindustri ABtryckluftsindustri.se/.../2011/10/Anleitung_ALF_Tronik_svensk_ny.pdf · ALF® - Tronik är konstruerad och tillverkad i enlighet

YSOFT SAFEQ 6 - PROFIT DayVISIT US AT . COM МАКСИМСИЧЕВОЙ. DĚKUJI. Title: Y Soft Presentation Author: Y Soft Corporation a.s. Created Date: 9/14/2016 11:49:26 AM