Configuring anonymous proxy detection and monitoring

Anonymous proxies are typically used to circumvent security policies, allowing users to access prohibited recreational, adult or other non-business sites by tunneling this traffic over a regular or encrypted HTTP session. Anonymous Proxies also provide anonymity; users accessing websites through an Anonymous Proxy cannot easily be traced back to their original IPInternet protocol.

Exinda Appliances have built-in support for anonymous proxy detection. The Exinda Appliance receives daily updates from www.exinda.com containing updated anonymous proxy definitions, much like anti-virus applications receive daily threat updates.

The anonymous proxy application is a special application object that is used to detect anonymous proxy websites and services. However, the anonymous proxy service is disabled by default.

If the anonymous proxy service is enabled, the Exinda appliance fetches a list of anonymous proxy definitions from the Exinda web servers on a daily basis.

An application object called 'Anonymous Proxy' is automatically created. The Anonymous Proxy application tracks all traffic sent through one of the anonymous proxies in the list. This application object is displayed in the monitoring reports like any other application object and can also be used in the Optimizer policies.

NOTE

  • Anonymous Proxy classification only occurs if the Anonymous Proxy ASAM module is enabled on the Configuration > System > Setup > Monitoring page.
  • In order to receive daily Anonymous Proxy definition updates, the Exinda appliance must be able to contact the Exinda web servers and the appliance must also have a valid software subscription.

The form to enable the Anonymous Proxy service to keep of list of anonymous proxy sites.

The form to enable/disable the Anonymous Proxy ASAM required for classification.