Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 4 replies
  • Subscribers 0 subscribers
  • Views 10988 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Web appliance deployment

moramoga

Hello everyone,

I need to configure a Web Appliance soon. In the meanwhile I have been reading about the deployment options: Explicit, Tramsparent and Bridge. Which one of those will you recommend and why? Is it only compatible with mozilla and IE, or is also Chrome compatible? I heard only explicit mode is compatible with Active Directory which is a big plus. I will appreciate your input, thanks!

:22105


This thread was automatically locked due to age.
Parents
  • 0

    Hi moramoga,

    The good news is that Active Directory is supported in all 3 modes :)

    So the mode to choose will really depend on your preference.

    Transparent / Bridge deployments allow you to ensure all http/https traffic is filtered without having to setup any proxy settings.   As jdobbins88 mentioned, there are a couple of considerations to make:

    • This removes the option to configure load-balancing or failover.  All traffic will go through one appliance.  (Although, in bridge mode traffic will continue unfiltered if the appliance does fail).
    • It is more difficult to completely bypass the appliance for a specific application/site

    Explicit mode is more of a traditional proxy setup.  It requires that proxy settings or a proxy.pac/wpad.dat file is configured on all clients.  These can usually be distributed by group policy etc.  Using methods like a proxy.pac file you can also easily configure load balancing and failover. 

    The main drawback is distributing these proxy settings to all clients - It will be more difficult to ensure guests/roaming users can access the web without proxy configuration.

    Hope this helps,  let me know if you have any more questions on a particular mode.

    Tom.

    :22219
Reply
  • 0

    Hi moramoga,

    The good news is that Active Directory is supported in all 3 modes :)

    So the mode to choose will really depend on your preference.

    Transparent / Bridge deployments allow you to ensure all http/https traffic is filtered without having to setup any proxy settings.   As jdobbins88 mentioned, there are a couple of considerations to make:

    • This removes the option to configure load-balancing or failover.  All traffic will go through one appliance.  (Although, in bridge mode traffic will continue unfiltered if the appliance does fail).
    • It is more difficult to completely bypass the appliance for a specific application/site

    Explicit mode is more of a traditional proxy setup.  It requires that proxy settings or a proxy.pac/wpad.dat file is configured on all clients.  These can usually be distributed by group policy etc.  Using methods like a proxy.pac file you can also easily configure load balancing and failover. 

    The main drawback is distributing these proxy settings to all clients - It will be more difficult to ensure guests/roaming users can access the web without proxy configuration.

    Hope this helps,  let me know if you have any more questions on a particular mode.

    Tom.

    :22219
Children
No Data
Unfiltered HTML