Manual :
BIG-IP Access Policy Manager: Secure Web Gateway Implementations
Applies To:
Show VersionsBIG-IP APM
- 11.5.10, 11.5.9, 11.5.8, 11.5.7, 11.5.6, 11.5.5, 11.5.4, 11.5.3, 11.5.2, 11.5.1
Original Publication Date: 03/11/2019
- BIG-IP APM Secure Web Gateway Overview
- URL Categorization
-
User Identification
- About user identification
- About session management cookies and Secure Web Gateway
- About ways to configure user identification for SWG
-
Overview: Identifying users transparently
- Configuring the BIG-IP system for the F5 DC Agent
- Verifying network communication
- Downloading and installing F5 DC Agent
- Updating privileges for the F5 DC Agent service
- Configuring the initialization file
- Configuring domain controller polling in the dc_agent.txt file
- Recovering from an unsuccessful installation
- Troubleshooting when a user is identified incorrectly
- F5 DC Agent error messages
-
Explicit Forward Proxy
-
Overview: Configuring SWG explicit forward proxy
- About the iApp for Secure Web Gateway configuration
- About ACLs and SWG explicit forward proxy
- Creating a DNS resolver
- Adding forward zones to a DNS resolver
- Creating a tunnel for SSL forward proxy traffic
- Creating a custom HTTP profile for explicit forward proxy
- Creating a custom Client SSL forward proxy profile
- Creating a custom Server SSL profile
- Creating an access profile for SWG explicit forward proxy
- Configuring an access policy for SWG explicit forward proxy
- Creating a virtual server to use as the forward proxy server
- Creating a virtual server for SSL forward proxy traffic
- Creating a virtual server to reject traffic
- Implementation result
-
Overview: Configuring SWG explicit forward proxy
-
Transparent Forward Proxy
-
Overview: Configuring transparent forward proxy in inline mode
- About the iApp for Secure Web Gateway configuration
- About ways to configure user identification for SWG
- Creating a VLAN for transparent forward proxy
- Assigning a self IP address to a VLAN
- Creating an access profile for SWG transparent forward proxy
- Configuring an access policy for transparent forward proxy
- Creating a custom Client SSL forward proxy profile
- Creating a custom Server SSL profile
- Creating a virtual server for forward proxy SSL traffic
- Creating a virtual server for forward proxy traffic
- Creating a forwarding virtual server
- Creating a Client SSL profile for a captive portal
- Creating a virtual server for a captive portal
- Implementation result
-
Overview: Configuring transparent forward proxy
- About the iApp for Secure Web Gateway configuration
- About ways to configure user identification for SWG
- Creating a VLAN for transparent forward proxy
- Assigning a self IP address to a VLAN
- Creating an access profile for SWG transparent forward proxy
- Configuring an access policy for transparent forward proxy
- Creating a custom Client SSL forward proxy profile
- Creating a custom Server SSL profile
- Creating a virtual server for forward proxy SSL traffic
- Creating a virtual server for forward proxy traffic
- Creating a Client SSL profile for a captive portal
- Creating a virtual server for a captive portal
- Implementation result
-
Overview: Configuring transparent forward proxy in inline mode
- SSL Forward Proxy Bypass
-
Reports, Logs, and Statistics
- About SWG data for threat monitoring
- About Access Policy Manager and Secure Web Gateway logs
- About local and remote logging for Secure Web Gateway
- Flowchart for local logging configuration
- Overview: Monitoring Internet traffic and making adjustments to SWG
- Overview: Configuring remote high-speed SWG event logging
- Kerberos Authentication and SWG
- NTLM Authentication and SWG