• All Files
Configuring  >  Configuring Core Settings  >  Configuring Transparent Proxy  >  Enabling Transparent Proxy

Enabling Transparent Proxy

When configured as a Transparent Proxy, GFI WebMonitor acts as an intermediary between client machines and web servers to monitor and control HTTPHypertext Transfer Protocol. and HTTPSHypertext Transfer Protocol over Secure Socket Layer (SSL). traffic transparently. For more information refer to Configuring Transparent Proxy.

NOTE

This feature is not available for GFI WebMonitor installed as a plug-in for Microsoft Forefront TMGMicrosoft Forefront Threat Management Gateway. A Microsoft product that provides firewall and web proxy services. It also enables administrators to manage Internet access through policies. It is the successor of the Microsoft ISA Server and is part of the Microsoft Forefront line of business security software..

Transparent Proxy Settings

To enable Transparent Proxy:

  1. Go to Core Settings > Transparent settings.
  2. Click the Enable Transparent Proxy switch to enable.
  3. Configure the following options:
Option Description
Port

Specify the port number on which the internal facing network card will listen to requests. The default port is 8082.

IMPORTANT

Ensure the listening port does not conflict with other applications. When the port is changed, the proxy is restarted and ongoing connections are terminated.

Save and Test Transparent Proxy

Use the Save and Test Transparent Proxy button to check if the Transparent Proxy is operational.

NOTE

The test checks if the Transparent Proxy driver and modules are working well and if traffic generated from the GFI WebMonitor server machine is filtered properly. It cannot guarantee that traffic coming from the internal network gets processed properly.
Use general proxy authentication settings

By default, Transparent Proxy inherits the authentication settings from the regular proxy set from Connection Settings > Proxy Authentication. For more information refer to Configuring Proxy Authentication Method.

To override the regular authentication settings, uncheck this option and then set new authentication settings in the Proxy Authentication area.
Proxy Authentication
  • Basic authentication - Select if a user is required to provide login credentials when new Internet sessions are launched. When using Basic authentication, the browser prompts the user for a user name and password. This information is transmitted across HTTP as plain text and considered insecure.
  • Integrated authentication - (Recommended) This option enables GFI WebMonitor proxy to authenticate users by using the client machine access control service. User is not prompted to provide login credentials when new Internet sessions are launched. We recommend using Integrated authentication in a Windows domain environment since this method of authentication does not transmit user passwords across the network.

NOTE

Integrated authentication is disabled if the GFI WebMonitor machine authenticates local users as Guest. The Guest only network access model grants all users the same level of access to system resources and so GFI WebMonitor proxy will not be able to differentiate between the different users using a client machine.
IPs that will bypass the authentication Key in the IP addresses of machines to be excluded from authentication. Traffic from excluded IPs will not be authenticated by GFI WebMonitor. The dashboards will display only IP addresses and not user names.
  1. Click Save.
Try now, for FREE!

Related Topics

GFI WebMonitor Help System v11
Copyright © GFI Software Ltd 2017
Free Trial