Manual Chapter :
Secure Web Gateway
Applies To:
Show Versions
BIG-IQ Centralized Management
- 7.1.0
Secure Web Gateway
About secure web gateways
BIG-IP Access Policy Manager (APM) implements a Secure Web Gateway (SWG) for outbound access by providing access control based on URL categorization to forward proxy. With APM, you can create a configuration to protect your network assets and end users from threats, and enforce a use and compliance policy for Internet access. Users that access the Internet from the enterprise go through APM, which can allow or block access to URL categories or indicate that the user should confirm the URL before access can be allowed.
To enable secure web gateways, click the box
Enable SWG
during Access group creation.All secure web gateway configurations must be created on a source managed BIG-IP device, and re-imported and deployed to target devices in an Access group within BIG-IQ.
About URL categories
The Secure Web Gateway URL database supplies over 150 URL categories and identifies over 60 million URLs that fit within these categories. In addition, you can create custom categories if needed and add URLs to any category, custom or otherwise. You can also use custom categories to define blacklists and whitelists.
To add custom URL categories, do so on the BIG-IP system that is linked to the device; then reimport the device to the BIG-IQ system. You may view the URL categories by navigating to and select or create an Access group. Navigate to .
About URL filters
Without a URL database, an administrator tasked with treating only a few URLs differently can specify criteria for matching those few URLs in a simple URL Branching action in a per-request policy. An administrator who must categorize and filter a large number of URLs can, however, do this using Access Policy Manager (APM) user-defined URL categories.
To add URL filters, do so on the BIG-IP system that is linked to the device; then reimport the device to the BIG-IQ system. You may view URL filters . Select or create an Access group and navigate to .
About application filtering
Access Policy Manager implements application filtering using a Secure Web Gateway (SWG). Within an Access Group, BIG-IQ lists the applications and application families implemented during application filtering in a given Access Group. Application family names are reflective of the applications contained inside a family, and provide broad categories for organization.
This list is system-defined and is available for visibility purposes. You may view the in-use applications under
You may view the Applications in use by navigating to , and clicking .
To add application filters, do so on the BIG-IP system that is linked to the device; then reimport the device to the BIG-IQ system.
