Use an HTTP proxy to connect to the ThreatSeeker Intelligence Cloud server
You can optionally configure an HTTP proxy for the engine's connection to the external ThreatSeeker Intelligence Cloud server.
When you use an HTTP proxy, categorization requests are sent through the proxy instead of the engine accessing the external network directly.
For more details about the product and how to configure features, click Help or press F1.
Steps
-
Add one or more HTTP Proxy elements.
-
Select
Configuration.
- Browse to .
- Right-click HTTP Proxies, then select New HTTP Proxy.
- Configure the settings.
- Click OK.
-
Select
- In the Configuration view, browse to .
- Right-click an engine, then select Edit <element type>.
- In the navigation pane on the left, browse to .
- Next to the HTTP Proxies list, click Add.
- Select one or more HTTP Proxy elements, then click Select.
-
Click
Save.
HTTP Proxy Properties dialog box
Use this dialog box to change the properties of an HTTP proxy.
| Option | Definition |
|---|---|
| General tab | |
| Name | The name of the element or the domain name of the proxy. |
| Resolve (Optional) |
Automatically resolves the domain name in the Name field. |
| IP Address | Specifies the IPv4 or IPv6 address of the HTTP proxy. |
| Port | Specifies the TCP port number of the HTTP proxy. The default port is 8080. |
| User Name
(Optional) |
Specifies the user name for logging on to the HTTP proxy. |
| Password (Optional) |
Specifies the password for logging on to the HTTP proxy. By default, passwords and keys are not shown in plain text. To show the password or key, deselect the Hide option. |
| Category (Optional) |
Includes the element in predefined categories. Click Select to select a category. |
| Tools Profile | Adds commands to the right-click menu for the element. Click Select to select an element. |
| Comment (Optional) |
A comment for your own reference. |
| Option | Definition |
|---|---|
| Monitoring tab | |
| Log Server | The Log Server that monitors the status of the element. |
| Status Monitoring | When selected, activates status monitoring for the device. You must also select the Probing Profile that contains the definitions for the monitoring. When you select Status Monitoring, the element is added to the tree in the Home view. |
| Probing Profile | Shows the name of the selected Probing Profile. Click Select to select a Probing Profile element. |
| Log Reception | Activates syslog reception from this device. You must select the Logging Profile that contains the definitions for converting the syslog entries to SMC log entries. You must also select the Time Zone in which the device is located. By default, the local time zone of the computer you are using is selected. |
| Logging Profile | Shows the name of the selected Logging Profile. Click Select to select a Logging Profile element. |
| Time Zone | Selects the time zone for the logs. |
| Encoding | Selects the character set for log files. |
| SNMP Trap Reception | Enables the reception of SNMP traps from the third-party device. |
| NetFlow Reception | Enables the reception of NetFlow data from the third-party device. The supported versions are NetFlow v5, NetFlow v9, and IPFIX (NetFlow v10). |
Engine Editor > Add-Ons > ThreatSeeker
Use this branch to select HTTP Proxy elements for the connection to the ThreatSeeker Intelligence Cloud.
| Option | Definition |
|---|---|
| Enable | When selected, enables ThreatSeeker URL filtering for the engine. |
| HTTP Proxies (Optional) |
When specified, requests are sent through an HTTP proxy instead of the engine accessing the external network directly. Add — Allows you to add an HTTP Proxy to the list. Remove — Removes the selected HTTP Proxy from the list. |