The Webcast will begin just a minute or so after the top of the hour to
allow today's very large audience sufficient time to join
You may join the teleconference through the numbers provided in
your invite, or listen through your computer speakers
Audio broadcast will go live when the Webcast begins
The Presentation will run approximately 60 minutes
There will be a 30-minute Q/A session thereafter
Policy Construct
Policy Integrity
Policy Optimization
Q&A
Copyright 2014 Blue Coat Systems Inc. All Rights Reserved.
POLICY CONSTRUCT
OVERVIEW
Ordering of Layers
- Allow/Deny
- Trace
- Force_Deny
- Exception
http://www.support.blah.com:80/path.path_path/demo_file.html?sess=1234
url.scheme=
url.path=
url.query=
url.host=
url.port=
url.path.regex=
url.host.regex=
url.query.regex=
url.address=
url.extension=
url.domain=
url=
url.regex=
Actions
- Allow
- OK
- Deny
- Force Deny
POLICY INTEGRITY
ALLOW VS OK
TYPICAL IMPLEMENTATION
<proxy>
url.extension=.exe DENY
<proxy>
category=(sports) exception(content_filter_denied)
<proxy>
client.address=192.168.15.252/30 ALLOW
PREFERRED IMPLEMENTATION
<proxy>
url.extension=.exe DENY
<proxy>
client.address=192.168.15.252/30 OK
category=(sports) exception(content_filter_denied)
<policy>
client.address=192.168.15.42 ALLOW
ALLOW

<policy>
client.address=192.168.15.42 ALLOW
DENY
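Added example (not part of the original presentation, and not Blue Coat code): a small Python model of layered evaluation applied to the TYPICAL IMPLEMENTATION and PREFERRED IMPLEMENTATION layers above, showing what the trailing ALLOW layer does to the earlier .exe DENY. The evaluation model, the default verdict of ALLOW, the treatment of exception(content_filter_denied) as a DENY, and the sample requests are assumptions of this example.

```python
import ipaddress

# Simplified evaluation model assumed by this example (not Blue Coat code):
# layers run top to bottom, the first matching rule in a layer fires, a later
# layer's verdict replaces an earlier one, and OK matches without changing it.
# exception(content_filter_denied) is modelled as a plain DENY.

def in_net(cidr):
    net = ipaddress.ip_network(cidr)
    return lambda req: ipaddress.ip_address(req["client"]) in net

def extension(ext):
    return lambda req: req["path"].endswith(ext)

def category(name):
    return lambda req: req["category"] == name

TYPICAL = [
    [(extension(".exe"), "DENY")],
    [(category("sports"), "DENY")],
    [(in_net("192.168.15.252/30"), "ALLOW")],
]
PREFERRED = [
    [(extension(".exe"), "DENY")],
    [(in_net("192.168.15.252/30"), "OK"),
     (category("sports"), "DENY")],
]

def evaluate(layers, req, default="ALLOW"):
    verdict = default  # default verdict is an assumption of this example
    for layer in layers:
        for matches, action in layer:
            if matches(req):
                if action != "OK":
                    verdict = action
                break  # first match wins; move on to the next layer
    return verdict

# Constructed sample requests
EXEMPT_EXE = {"client": "192.168.15.253", "path": "/tool.exe", "category": "software"}
EXEMPT_SPORTS = {"client": "192.168.15.253", "path": "/scores.html", "category": "sports"}
OTHER_SPORTS = {"client": "192.168.15.10", "path": "/scores.html", "category": "sports"}

if __name__ == "__main__":
    for name, req in [("exempt .exe", EXEMPT_EXE), ("exempt sports", EXEMPT_SPORTS),
                      ("other sports", OTHER_SPORTS)]:
        print(name, evaluate(TYPICAL, req), evaluate(PREFERRED, req))
```

Under this model the typical layout re-allows the .exe download for the exempt subnet because the last layer's ALLOW replaces the earlier DENY, while the preferred layout keeps that DENY and still exempts the subnet from the sports rule.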
POLICY INTEGRITY
OPERATORS
CPL:
client.address=1.1.1.1 url.domain=abc.com
url.extension=(exe, com) DENY
POLICY INTEGRITY
OPERATORS
CPL:
client.address=1.1.1.1 url.domain=abc.com
url.extension=!(exe, com) DENY
POLICY INTEGRITY
TYPICAL IMPLEMENTATION
<proxy>
client.address=!my_users DENY
<proxy>
category=(pornography, gambling) exception(content_filter_denied)
<proxy>
condition=executable condition=!approved_application
exception(user_defined.too_risky)
<proxy>
client.address=!my_users FORCE_DENY
<proxy>
category=(pornography, gambling) force_exception(content_filter_denied)
<proxy>
condition=executable condition=!approved_application
exception(user_defined.too_risky)
POLICY OPTIMIZATION
IMPLEMENTATION TYPES
Using the Visual Policy Manager (VPM) versus Content Policy Language (CPL)
VPM
- User-friendly
- Graphical
- Easy to use
CPL
- Can be scripted
- For implementing policy not available in the VPM
Regex                                 Finds
url.host.regex=\.com$                 Finds hosts ending in .com (note that the period is escaped)
url.host.regex=x+                     Matches x one or more times
url.host.regex=x{2,5}                 Matches x 2 to 5 times
url.path.regex=^\/bad-directory\/     Finds all URLs that begin with /bad-directory
url.query.regex=login=matt            Finds query strings that contain login=matt (anchor this if possible)
url.domain=company.com
url.domain=www.company.com
url.domain=www.company.com/cgi-bin
url.path=/cgi-bin/
url=http://www.company.com/cgi-bin/
url=http://www.company.com/cgi-bin/query.pl?q=test#fragment
client.address=216.52.23.3 category=(gambling) OK
client.address=216.52.23.5 category=(gambling) OK
category=(gambling) exception(content_filter_denied)

<proxy>
client.address=test_network category=(gambling) OK
category=(gambling) exception(content_filter_denied)
DENY
group=hr category=(news/media)
exception(content_filter_denied)
Policy Construct:
How to express policy decisions in layers
Importance of consistency within the policy model
Logical ordering of layers
Policy Integrity:
Look at the different types of Triggers & Actions
How use of Actions affects policy
How the policy is evaluated
Policy Optimization:
VPM & CPL examples
Talk about Importance of Rule Placement
Correct syntax used for Conditions & Definitions within policy
Use of Layer Guards
BLUE COAT CUSTOMER FORUMS
Questions?