Management and Configuration Guide (Includes ACM xl) 2005-12

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module

101

102

103

104

105

106

107

108

109

110

4-52 ProCurve Secure Access 700wl Series Management and Configuration Guide

Configuring Rights

If these filters are not sufficient to meet your needs, you can create your own filters. See “Creating or

Editing a Redirected Traffic Filter” on page 4-71 for instructions.

The HTTP Proxy Tab

The HTTP Proxy feature of the 700wl Series system offers several options in setting up an HTTP proxy

server for an Access Policy. The options consist of the following configurations:

• Using the internal HTTP proxy server

• Using an external HTTP proxy server specific to an Access Controller (via the internal HTTP proxy

server)

• Using an external HTTP proxy server specific to an Access Policy

• Do not use an HTTP proxy server

Each option meets different security and access requirements. See Table 4-21.

SOCKS redirect Redirects all SOCKS requests to the Access Controller

Table 4-21. HTTP Proxy ModeConfiguration

HTTP

Proxy

Mode Functionality Advantages Disadvantages Where to Configure...

Internal Access

Controller

monitors HTTP

traffic and uses

HTTP filters

selected in

Access Policy

• Ability to filter

HTTP traffic

• Clients see the

700wl Series

system HTTP

pages

• Light-weight HTTP

proxy server

• Not compliant with

HTTP 1.1

• Cannot handle high-

end HTTP

performance

In Access Policy:

• Enable Automatic HTTP Proxy

• Specify monitored ports

Internal

and then

External

Access

Controller

monitors HTTP

traffic and uses

HTTP filters

selected in

Access Policy

and then

passes traffic

to external

server

• Ability to filter

HTTP traffic

• Clients see the

700wl Series

system HTTP

pages

• Additional

capabilities of

external server

• Light-weight HTTP

proxy server

• Not compliant with

HTTP 1.1

• Cannot handle high-

end HTTP

performance

• HTTP traffic is

proxied twice

In Access Controller:

• Specify the IP address and port

of the external HTTP proxy

server in the Networks Setup

page-HTTP Proxy tab

In Access Policy:

• Enable Automatic HTTP Proxy

• Specify monitored ports

External HTTP traffic is

sent directly to

external server

• No limitations

of internal

proxy server

• Additional

capabilities of

external server

Clients will not see the

700wl Series system

HTTP pages

In Access Policy:

• Enable Automatic HTTP Proxy

• Specify the IP address and port

of the external HTTP proxy

server

• Specify monitored ports

Table 4-20. Predefined Redirected Traffic Filters (Continued)

Redirected Traffic Filter Description