Gebruiksaanwijzing /service van het product SGOS 4.x van de fabrikant Blue Coat Systems
Ga naar pagina of 34
Blue Coat ® Systems Pro xy SG ™ SGOS 4.x Upgr ade Guide.
Blue Coat SGOS 4.x Upgrade Guide ii Contact Inf or mation Blue Coat Syst ems Inc. 650 Almanor A venue Sunnyvale, California 94085 North America (USA) T oll Fr ee: 1.866.362.2628 (86 6.36.BCOA T) North America Direct (USA): 1.408.220.2270 Asia Pacific Rim (Japan): 81.
iii Contents Contact Information Chapter 1: Upgrading—Ove rview Changes Between SGOS 3. x and SGOS 4.x ....................... ................. ................ ............... ................ ... ............ 5 About the Document Organization ...
Blue Coat SGOS 4.x Upgrade Guide iv.
5 Chapter 1: Upgr ading—Ov er view Blue Coat ® stro n g l y re c om m en d s t h at yo u rea d th i s d o cu m e n t b e fo re at te m p t i ng t o u p gr ad e to S GO S 4.
Blue Coat SGOS 4.x Upgrade Guide 6 • Blue Coat ProxySG Configuration and Management Guide • Blue Coat Pr oxySG Content Policy Language Guide • Blue Coat Pr oxySG Command Line Interface Ref erence Document Con v entions The following section li sts the typographical and Command Line Interface (CLI) syntax conventions used in this manual.
7 Chapter 2: Upgr ade Beha vior , General Upgrading When upgrading to SGOS 4.x from SGOS 3.2.4 or higher , the Pr oxy SG saves a copy of the original configurations.
Blue Coat SGOS 4.x Upgrade Guide 8 Summar y of Changes to the Upgrade Process • The upgrade path must include a sy stem that shows all possible depr ecation warnin gs, so that these can be corr ected in advance of the upgrad e, to avoid policy compilation failu res after upgrading.
Chapter 2: Upgrade Beh avior, General 9 Redoing an Upgr ade from SGOS 3.2.4 When the initial SGOS 4.x upgrade occurs, any comp atible config urations are converted. This only happens the first time you upgrade; i f you later downgrade to a pr e-SGOS 4.
Blue Coat SGOS 4.x Upgrade Guide 10 Changing Between SGOS 4.x V ersions When moving fr om one SGOS 4.x r elease to anot her SGOS 4.x release, the system maintains all settings. Changes made after an upgrade continue to be available after a subsequent downgrade as long as the setting is re levant to the downgraded release.
Chapter 2: Upgrade Beh avior, General 11 Included W ebsense Offbo x Content Filtering For W ebsense of f-box support only . Included ICAP Services External virus and content scanning with ICAP servers.
Blue Coat SGOS 4.x Upgrade Guide 12 Hardware Suppor ted W ith SGOS v4.x, support for the Proxy SG Series 600 and 700 systems has been dr opped. Users with these systems must either upgrade their hardwar e or stay with SGOS v3.
13 Chapter 3: F eature-Specific Upgrade Beha vior This chapter provides critical information concerning how specific features are affected by upgrading to SGOS 4.x (and i f relevant do wngrading fr om) and provides actions admi nistrators must or are recommended to take as a result of upgrading.
Blue Coat SGOS 4.x Upgrade Guide 14 Global Enab le/Disable Switch In SGOS 4.x, you can enable or disable access loggi ng on a global basis, both through the Management Console ( Access Logging>General>Global Settings) and the CLI. When logging is disabled , that setting overrides bo th policy and logging configuration.
Chapter 3: Feature-Specific Upgrade Beh avior 15 P eer-to-P eer The Proxy SG recognizes peer -to-peer (P2P) activity rela tin g to P2P file sharing applications. By constructing policy , you can control, block, and lo g P2P activity and limit th e band width consumed by P2P traffi c.
Blue Coat SGOS 4.x Upgrade Guide 16 A new substituti on modifier—label(N)— has been added. It is used in conjunction with the client.host substituti on variable in defi ning Policy Substi tution Realms.
Chapter 3: Feature-Specific Upgrade Beh avior 17 A uthentication T wo new r ealms—policy substitution and Ob lix COREid—have been added in SGOS 4.x. • COREid Realm—The Pr oxy SG can be configur ed to consul t an Oblix COREid (f ormerly known as Oblix NetPoint) Access Server for authentica tion and session manage ment decisions.
Blue Coat SGOS 4.x Upgrade Guide 18 Upgrade Beha vior As BWM is a new feature, upgrade issues are restricted to pr eviously existing bandwidth configuration that will now be subs um ed into the BWM configuration. BWM does not r eplace the older bandwidth limiting featur es currently available in Streaming (max streaming, max Real and ma x MMS).
Chapter 3: Feature-Specific Upgrade Beh avior 19 On an upgrade, cached HTTP objects ar e usable. On a downgrade, cached H TTP objects fetched after the upgrad e are re-fetched.
Blue Coat SGOS 4.x Upgrade Guide 20 Endpoint Mapper and SOCKS Compression The Endpoint Mapper proxy accelerates Microsoft RPC traffic between branch and main of fices, automatically creating TCP tunnels to p orts wher e RPC services ar e r unning. The Endpoint Mapper proxy can be used in both explicit and transpar ent mode.
Chapter 3: Feature-Specific Upgrade Beh avior 21 • SGOS#(config external-services) view htt p icap-patience details • SGOS#(config external-services) view htt p icap-patience header • SGOS#(conf.
Blue Coat SGOS 4.x Upgrade Guide 22 • user= • user .domain= • user .x509.issuer= • user .x509.serialNumber= • user .x509.subject= The authenticated= condition can be used to test whether or not the user information is available.
Chapter 3: Feature-Specific Upgrade Beh avior 23 CPL Syntax that was deprecated in SGOS 3.x has been abandoned in SGOS 4.x. Policy that includes abandoned syntax should be cor rected befor e yo u attempt to upgrade the system. The standard upgrade path and process are designed to ensur e the integrity of policy and the securi ty of your network.
Blue Coat SGOS 4.x Upgrade Guide 24 protocol= url.scheme= proxy_address= proxy.address proxy_card= proxy.card proxy_port= proxy.port release_id= release.id= release_version= release.version= request_header.<name>= request.header.<name>= request_header_address.
Chapter 3: Feature-Specific Upgrade Beh avior 25 prefetch() pipeline() proxy_authentication() authenticate() reflect_vip() reflect_ip() service() allow or deny trace_destination() trace.destination() trace_level() trace.level() trace_request() trace.request() trace_rules() trace.
Blue Coat SGOS 4.x Upgrade Guide 26 request_header.Content-Language request.h eader.Content-Language request_header.Content-Length request.h eader.Content-Length request_header.Content-Location request.h eader.Content-Location request_header.Content-MD5 request.
Chapter 3: Feature-Specific Upgrade Beh avior 27 request_header.User-Agent request.h eader.User-Agent request_header.Vary request.header.Va ry request_header.Via request.header.Vi a request_header.WWW-Authenticate request.h eader.WWW-Authenticate request_header.
Blue Coat SGOS 4.x Upgrade Guide 28 Documentation Ref erences Appendix D, “Substitutions,” in the B lue Coat Cont ent Policy Language Gu ide Exception P ages A number of built-in exception pages have been a dded to SGOS 4.x to send information back to the user under operational contexts that ar e known to occur .
Chapter 3: Feature-Specific Upgrade Beh avior 29 • HTML Notificati on ❐ notify ❐ notify_missing_cookie • Compression ❐ transformation_err or ❐ unsupported_encoding ❐ invalid_res ponse • ICAP ❐ icap_error (should be used in place of the existing icap_communications_err or exception page) On a downgrade to SGOS 3.
Blue Coat SGOS 4.x Upgrade Guide 30 On an upgrade, objects that cannot be named by the user are automatically updated to have the underscore character pr efix the object name.
Chapter 3: Feature-Specific Upgrade Beh avior 31 SGOS#(config ssl)import keyring show|no-show keyring_id SGOS#(config ssl)import certificate keyr ing_id SGOS#(config ssl)import signing-request keyring.
Blue Coat SGOS 4.x Upgrade Guide 32.
33 Inde x A access logging default logs, protocols 14 global enable/disable switch, CLI commands 14 global enable/disable switch, ov ervi ew 14 new features in 13 P2P log, format 15 P2P upgrade behavi.
Blue Coat SGOS 4.x Upgrade Guide 34 substitutions abandoned 25 additional 15 substitution syntax, abandoned 23 U upgrading changes betwee n SGOS 3.2.3 and SGOS 4.
Een belangrijk punt na aankoop van elk apparaat Blue Coat Systems SGOS 4.x (of zelfs voordat je het koopt) is om de handleiding te lezen. Dit moeten wij doen vanwege een paar simpele redenen:
Als u nog geen Blue Coat Systems SGOS 4.x heb gekocht dan nu is een goed moment om kennis te maken met de basisgegevens van het product. Eerst kijk dan naar de eerste pagina\'s van de handleiding, die je hierboven vindt. Je moet daar de belangrijkste technische gegevens Blue Coat Systems SGOS 4.x vinden. Op dit manier kan je controleren of het apparaat aan jouw behoeften voldoet. Op de volgende pagina's van de handleiding Blue Coat Systems SGOS 4.x leer je over alle kenmerken van het product en krijg je informatie over de werking. De informatie die je over Blue Coat Systems SGOS 4.x krijgt, zal je zeker helpen om een besluit over de aankoop te nemen.
In een situatie waarin je al een beziter van Blue Coat Systems SGOS 4.x bent, maar toch heb je de instructies niet gelezen, moet je het doen voor de hierboven beschreven redenen. Je zult dan weten of je goed de alle beschikbare functies heb gebruikt, en of je fouten heb gemaakt die het leven van de Blue Coat Systems SGOS 4.x kunnen verkorten.
Maar de belangrijkste taak van de handleiding is om de gebruiker bij het oplossen van problemen te helpen met Blue Coat Systems SGOS 4.x . Bijna altijd, zal je daar het vinden Troubleshooting met de meest voorkomende storingen en defecten #MANUAl# samen met de instructies over hun opplosinge. Zelfs als je zelf niet kan om het probleem op te lossen, zal de instructie je de weg wijzen naar verdere andere procedure, bijv. door contact met de klantenservice of het dichtstbijzijnde servicecentrum.