Blue Coat Systems SGOS 4.x manual



Table of contents for the manual

  • Page 1

    Blue Coat® Systems ProxySG™ SGOS 4.x Upgrade Guide[...]

  • Page 2

    Blue Coat SGOS 4.x Upgrade Guide ii Contact Information Blue Coat Systems Inc. 650 Almanor Avenue Sunnyvale, California 94085 North America (USA) Toll Free: 1.866.362.2628 (866.36.BCOAT) North America Direct (USA): 1.408.220.2270 Asia Pacific Rim (Japan): 81.3.5425.8492 Europe, Middle East, and Africa (United Kingdom): +44 (0) 1276 854 10[...]

  • Page 3

    iii Contents Contact Information Chapter 1: Upgrading—Overview Changes Between SGOS 3.x and SGOS 4.x ... 5 About the Document Organization ...[...]

  • Page 4

    Blue Coat SGOS 4.x Upgrade Guide iv[...]

  • Page 5

    5 Chapter 1: Upgrading—Overview Blue Coat® strongly recommends that you read this document before attempting to upgrade to SGOS 4.x from previous ProxySG operating systems. Existing features and policies might not perform as with previous versions, and upgrading to this version might require some addit[...]

  • Page 6

    Blue Coat SGOS 4.x Upgrade Guide 6 • Blue Coat ProxySG Configuration and Management Guide • Blue Coat ProxySG Content Policy Language Guide • Blue Coat ProxySG Command Line Interface Reference Document Conventions The following section lists the typographical and Command Line Interface (CLI) syntax conventions used in this manual. Tabl[...]

  • Page 7

    7 Chapter 2: Upgrade Behavior, General Upgrading When upgrading to SGOS 4.x from SGOS 3.2.4 or higher, the ProxySG saves a copy of the original configurations. These configurations remain unaffected when configuring features going forward. If you downgrade to the previous SGOS version, the saved configuration is used and the ProxySG [...]

  • Page 8

    Blue Coat SGOS 4.x Upgrade Guide 8 Summary of Changes to the Upgrade Process • The upgrade path must include a system that shows all possible deprecation warnings, so that these can be corrected in advance of the upgrade, to avoid policy compilation failures after upgrading. Migrating through SGOS 3.2.4 or greater satisfies this requireme[...]

  • Page 9

    Chapter 2: Upgrade Behavior, General 9 Redoing an Upgrade from SGOS 3.2.4 When the initial SGOS 4.x upgrade occurs, any compatible configurations are converted. This only happens the first time you upgrade; if you later downgrade to a pre-SGOS 4.x version by selecting an earlier image on your system, make configuration changes, and re-instal[...]

  • Page 10

    Blue Coat SGOS 4.x Upgrade Guide 10 Changing Between SGOS 4.x Versions When moving from one SGOS 4.x release to another SGOS 4.x release, the system maintains all settings. Changes made after an upgrade continue to be available after a subsequent downgrade as long as the setting is relevant to the downgraded release. Note: When upgrading or do[...]

  • Page 11

    Chapter 2: Upgrade Behavior, General 11 Included Websense Offbox Content Filtering For Websense off-box support only. Included ICAP Services External virus and content scanning with ICAP servers. Included Bandwidth Management Allows you to classify, control, and, if required, limit the amount of bandwidth used by different classes of netwo[...]

  • Page 12

    Blue Coat SGOS 4.x Upgrade Guide 12 Hardware Supported With SGOS v4.x, support for the ProxySG Series 600 and 700 systems has been dropped. Users with these systems must either upgrade their hardware or stay with SGOS v3.x. Blue Coat supports the following hardware: • ProxySG Series 200 • ProxySG Series 400 • ProxySG Series 800 • Pr[...]

  • Page 13

    13 Chapter 3: Feature-Specific Upgrade Behavior This chapter provides critical information concerning how specific features are affected by upgrading to SGOS 4.x (and if relevant downgrading from) and provides actions administrators must or are recommended to take as a result of upgrading. This chapter contains the following sections: • &[...]

  • Page 14

    Blue Coat SGOS 4.x Upgrade Guide 14 Global Enable/Disable Switch In SGOS 4.x, you can enable or disable access logging on a global basis, both through the Management Console (Access Logging>General>Global Settings) and the CLI. When logging is disabled, that setting overrides both policy and logging configuration. When access logging is [...]

  • Page 15

    Chapter 3: Feature-Specific Upgrade Behavior 15 Peer-to-Peer The ProxySG recognizes peer-to-peer (P2P) activity relating to P2P file sharing applications. By constructing policy, you can control, block, and log P2P activity and limit the bandwidth consumed by P2P traffic. Upgrade Behavior • A new default format and a log called p2p i[...]

  • Page 16

    Blue Coat SGOS 4.x Upgrade Guide 16 A new substitution modifier—label(N)—has been added. It is used in conjunction with the client.host substitution variable in defining Policy Substitution Realms. For example, $(client.host:label(2)) could be used in the definition of a Policy Substitution Realm to set the user name from the results of [...]

  • Page 17

    Chapter 3: Feature-Specific Upgrade Behavior 17 Authentication Two new realms—policy substitution and Oblix COREid—have been added in SGOS 4.x. • COREid Realm—The ProxySG can be configured to consult an Oblix COREid (formerly known as Oblix NetPoint) Access Server for authentication and session management decisions. This requi[...]

  • Page 18

    Blue Coat SGOS 4.x Upgrade Guide 18 Upgrade Behavior As BWM is a new feature, upgrade issues are restricted to previously existing bandwidth configuration that will now be subsumed into the BWM configuration. BWM does not replace the older bandwidth limiting features currently available in Streaming (max streaming, max Real and max MMS). It [...]

  • Page 19

    Chapter 3: Feature-Specific Upgrade Behavior 19 On an upgrade, cached HTTP objects are usable. On a downgrade, cached HTTP objects fetched after the upgrade are re-fetched. Documentation References • Chapter 6, “Configuring Proxies,” in the Blue Coat ProxySG Configuration and Management Guide • The Blue Coat Content Policy Language[...]

  • Page 20

    Blue Coat SGOS 4.x Upgrade Guide 20 Endpoint Mapper and SOCKS Compression The Endpoint Mapper proxy accelerates Microsoft RPC traffic between branch and main offices, automatically creating TCP tunnels to ports where RPC services are running. The Endpoint Mapper proxy can be used in both explicit and transparent mode. Using SOCKS compression[...]

  • Page 21

    Chapter 3: Feature-Specific Upgrade Behavior 21 • SGOS#(config external-services) view http icap-patience details • SGOS#(config external-services) view http icap-patience header • SGOS#(config external-services) view http icap-patience help • SGOS#(config external-services) view http icap-patience summary Documentation References Cha[...]

  • Page 22

    Blue Coat SGOS 4.x Upgrade Guide 22 • user= • user.domain= • user.x509.issuer= • user.x509.serialNumber= • user.x509.subject= The authenticated= condition can be used to test whether or not the user information is available. Forward layer rules containing the other new authentication conditions will fail to match if there is no a[...]

  • Page 23

    Chapter 3: Feature-Specific Upgrade Behavior 23 CPL Syntax that was deprecated in SGOS 3.x has been abandoned in SGOS 4.x. Policy that includes abandoned syntax should be corrected before you attempt to upgrade the system. The standard upgrade path and process are designed to ensure the integrity of policy and the security of your network. Bl[...]

  • Page 24

    Blue Coat SGOS 4.x Upgrade Guide 24 protocol= url.scheme= proxy_address= proxy.address proxy_card= proxy.card proxy_port= proxy.port release_id= release.id= release_version= release.version= request_header.<name>= request.header.<name>= request_header_address.<name>= request.header.<name>.address= request_x_header.<name&[...]

  • Page 25

    Chapter 3: Feature-Specific Upgrade Behavior 25 prefetch() pipeline() proxy_authentication() authenticate() reflect_vip() reflect_ip() service() allow or deny trace_destination() trace.destination() trace_level() trace.level() trace_request() trace.request() trace_rules() trace.rules() Table 3.10: Abandoned Policy Actions Abandoned Syntax Repla[...]

  • Page 26

    Blue Coat SGOS 4.x Upgrade Guide 26 request_header.Content-Language request.header.Content-Language request_header.Content-Length request.header.Content-Length request_header.Content-Location request.header.Content-Location request_header.Content-MD5 request.header.Content-MD5 request_header.Content-Range request.header.Content-Range request_h[...]

  • Page 27

    Chapter 3: Feature-Specific Upgrade Behavior 27 request_header.User-Agent request.header.User-Agent request_header.Vary request.header.Vary request_header.Via request.header.Via request_header.WWW-Authenticate request.header.WWW-Authenticate request_header.Warning request.header.Warning request_header.X-BlueCoat-Error request.header.X-BlueCo[...]

  • Page 28

    Blue Coat SGOS 4.x Upgrade Guide 28 Documentation References Appendix D, “Substitutions,” in the Blue Coat Content Policy Language Guide Exception Pages A number of built-in exception pages have been added to SGOS 4.x to send information back to the user under operational contexts that are known to occur. New exception pages include: re[...]

  • Page 29

    Chapter 3: Feature-Specific Upgrade Behavior 29 • HTML Notification ❐ notify ❐ notify_missing_cookie • Compression ❐ transformation_error ❐ unsupported_encoding ❐ invalid_response • ICAP ❐ icap_error (should be used in place of the existing icap_communications_error exception page) On a downgrade to SGOS 3.2.4, the ProxySG r [...]

  • Page 30

    Blue Coat SGOS 4.x Upgrade Guide 30 On an upgrade, objects that cannot be named by the user are automatically updated to have the underscore character prefix the object name. Documentation Reference Chapter 14, “VPM,” in the Blue Coat ProxySG Configuration and Management Guide Securing the Serial Port When the secure serial port is enable[...]

  • Page 31

    Chapter 3: Feature-Specific Upgrade Behavior 31 SGOS#(config ssl)import keyring show|no-show keyring_id SGOS#(config ssl)import certificate keyring_id SGOS#(config ssl)import signing-request keyring_id SGOS#(config ssl)import ca-certificate keyring_id SGOS#(config ssl)import external-certificate keyring_id Documentation References Chapter 7, ?[...]

  • Page 32

    Blue Coat SGOS 4.x Upgrade Guide 32[...]

  • Page 33

    33 Index A access logging default logs, protocols 14 global enable/disable switch, CLI commands 14 global enable/disable switch, overview 14 new features in 13 P2P log, format 15 P2P upgrade behavior 15 substitutions, new 15 authentication BCAAA, installing 17 COREid realm, added 17 Policy Substitution realm, added 17 upgrade behavior 17 B bandw[...]

  • Page 34

    Blue Coat SGOS 4.x Upgrade Guide 34 substitutions abandoned 25 additional 15 substitution syntax, abandoned 23 U upgrading changes between SGOS 3.2.3 and SGOS 4.x 5 paths, required 7 restore-cacheos4-config command, upgrading 9 restore-sgos2-config command, using 9 restore-sgos3-config command, using 9 V VPM object naming 29 UTF-8 encoding 29[...]