Applies To:Show Versions
- 13.0.1, 13.0.0
About initial configuration steps for SWG
On a BIG-IP® system with an SWG subscription, the first thing you must do is download the URL database. After that, if you want to use transparent user identification, you should install one of the Secure Web Gateway user identification agents: F5 DC Agent or F5 Logon Agent.
Overview: Downloading and updating the URL database for SWG
On a system where URL database download is available, you must complete the download before you start to configure per-request policies to categorize and filter URLs. You can download the URL database to the BIG-IP system or to an upstream proxy.
For SWG to best protect your network from new threats, schedule regular database downloads to update the existing URL categories with new URLs. Without these updates, SWG uses obsolete security intelligence and as a result, protection of your networks is less effective.
Configuring an upstream proxy for the BIG-IP system
- On the Main tab, select
- In the Name field, type a name for the proxy server.
- In the IP Address field, type the IP address for the proxy server.
- In the Port field, type the port number for the proxy server.
- In the User Name and Passwordfields, type credentials for an account on the proxy server if needed.
- Click Save.
Downloading the URL database
- DNS for the BIG-IP device in the System area of the product.
- A default route in the Network area of the product.
- On the Main tab, click .
In the Download Settings area from the Downloads list,
Additional settings display. Download Schedule displays a default schedule for the download.
- To download the database to an upstream proxy, select the Use Proxy check box.
In the Download Schedule settings, configure a two-hour
period in which to start the download.
Schedule the download to occur during off-peak hours. The default schedule is between one and three A.M.Warning: After the download completes, database indexing occurs. It consumes a high amount of CPU.The process of downloading the master database and the database indexing that follows can take 30 minutes to several hours depending on system capacity.
- Click Update Settings.
To download the database immediately, click Download
A download occurs only when a newer version becomes available.Warning: Database indexing occurs after the download and impacts system performance.Warning: The ANTserver service is not available on the BIG-IP system for approximately 300 milliseconds after the database download completes.
Looking up a URL category in the master database
- On the Main tab, click .
In the URL field, type the URL that you want to look up.
Type the complete URL, including the URI scheme.Type https://www.google.com; not www.google.com or https://www.google.
Note: Custom categories are not searched.Results display in the URL Category table.
Configuring logging for the URL database
On the Main tab, click
.A log settings table screen opens.
From the table, select default-log-setting and click
A log settings popup screen displays.
- Verify that the Enable access system logs check box is selected.
To configure settings for access system logging, select Access
System Logs from the left pane.
Access System Logs settings display in the right panel.
From the Log Publisher list, select the log publisher of
A log publisher specifies one or more logging destinations.Important: The BIG-IP® system is not a logging server and has limited capacity for storing, archiving, and analyzing logs. For this reason a dedicated logging server is recommended.
To change the minimum log level, from the Secure Web
Gateway list, select a log level.
Note: Setting the log level to Debug can adversely impact system performance.The default log level is Notice. At this level, logging occurs for messages of severity Notice and for messages at all incrementally greater levels of severity.
The popup screen closes. The table displays.
Viewing a URL database report
On the Main tab, click
. The Reports Browser displays in the right pane. The Report Parameters popup screen opens and displays a description of the current default report and default time settings.
The Report Parameters popup screen closes.
In the Reports Browser in the General Reports list, select
. The Report Parameters popup screen displays.
Update the parameters, if necessary, and click Run
The popup screen closes. The report displays in the Report Browser.
Secure Web Gateway database download log messages
When you deploy Secure Web Gateway (SWG), the database downloads output messages to the log destinations specified in the default-log-setting. This table lists messages that are available only when you enable debug.
|Transfer Status 247||The file is transferred successfully to the BIG-IP® system. If you see a Transfer Status other than 247, it might indicate an error.|
|RTU Type||The RTU Type is always 1. If you see an RTU Type other than 1, it might indicate an error.|
|Expiration Date||The BIG-IP system does not use the expiration date in this message. Instead, the BIG-IP system enforces the SWG license and the database download works accordingly.|