cancel
Showing results for 
Search instead for 
Did you mean: 
Post a Question
Biju_Nair
Nickel

Sandboxing http/https traffics with web proxy(bluecoat) in place

Jump to solution

Hi, In a scenario with 3rd party web proxy(bluecoat) in place, how would the https traffic be handled by sandblast appliance. Considering bluecoat itself is doing https inspection first.

Tags (1)
1 Solution

Accepted Solutions

Re: Sandboxing http/https traffics with web proxy(bluecoat) in place

Jump to solution

Hi,

Have a look at sk111306 and install JHF 284 or newer which includes the ICAP server feature.

HTH,

Christian

8 Replies

Re: Sandboxing http/https traffics with web proxy(bluecoat) in place

Jump to solution

There is not much information, how you want (or have) implemented the Sandblast appliance.

So just to keep it general:

If you want the https traffic to be inspected there has to be ssl-inspection active. Detail configuration for that depends on the implementation (sandblast before proxy or after).

Other way would be to use ICAP-client on proxy to speak with ICAP-server on Sandblast appliance.

0 Kudos
Biju_Nair
Nickel

Re: Sandboxing http/https traffics with web proxy(bluecoat) in place

Jump to solution

Hi Norbert,

I wish to implement the sandblast appliance to intercept https traffic for Sandboxing. I would like to deploy the Sandblast appliance after proxy towards internet and using fail open card.

Regards,

Biju Nair

Sent from my iPhone

0 Kudos

Re: Sandboxing http/https traffics with web proxy(bluecoat) in place

Jump to solution

Hmmm. So you want two devices to break open SSL traffic independently?

This is the sort of stuff I would advise if you want nightmares.

It will be slow to the users and the likely hood you will get into negotiate trouble is big.

0 Kudos

Re: Sandboxing http/https traffics with web proxy(bluecoat) in place

Jump to solution

I can only say that Hugo is right here and ICAP is the much better way to move forward!

0 Kudos
Biju_Nair
Nickel

Re: Sandboxing http/https traffics with web proxy(bluecoat) in place

Jump to solution

Thanks Hugo.

Hi Norbert,

If we plan for ICAP then the proxy will act as a ICAP client and will send the traffic to sandblast(ICAP server).

But how would the https traffic work in ICAP scenario. Will proxy send the decrypted packet to sandblast and wait for verdict from sandblast by holding the connection.

Regards,

Biju Nair

Sent from my iPhone

0 Kudos
Admin
Admin

Re: Sandboxing http/https traffics with web proxy(bluecoat) in place

Jump to solution

That's the basic idea.

0 Kudos

Re: Sandboxing http/https traffics with web proxy(bluecoat) in place

Jump to solution

Hi,

Have a look at sk111306 and install JHF 284 or newer which includes the ICAP server feature.

HTH,

Christian

Employee++
Employee++

Re: Sandboxing http/https traffics with web proxy(bluecoat) in place

Jump to solution

In addition this helps getting you started on the BC side:

ProxySG ICAP Integration 


Regards Thomas