The HTTP Proxy acts as an intermediary for HTTP and HTTPS requests from network clients. The HTTP proxy can cache and scan the web traffic as well as act as a reverse proxy for your internal web servers.
Advantages of HTTP Proxy
The HTTP Proxy service of the Barracuda CloudGen Firewall evaluates requests and, if configured, scans HTTP traffic for viruses or applies user-defined web filtering policies. Along with the option of implementing antivirus engines and access control policies, the HTTP Proxy service includes a range of useful features such as URL filtering, caching, and authentication services. The service also lets you specify and configure a proxy neighborhood.
Forward, Transparent, and Reverse Proxy Modes
On the CloudGen Firewall, you can configure the HTTP Proxy in the following modes of operation:
Forward Proxy – The HTTP proxy then acts as a client and generates further requests to the server. If requests received from a client must be directed to another server, select this mode. When using the HTTP Proxy in forward mode, you must manually apply proxy settings to clients' web browsers. However, you can automate this task by using Microsoft group policy objects or
proxy.pac
files with the DHCP server.Transparent Proxy – The HTTP Proxy operates transparently to the clients in the network. With this mode, you do not need to apply proxy settings to web browsers.
Reverse Proxy – The reverse proxy directs incoming requests from other servers to clients without providing the origin details.
Features of the HTTP Proxy Service
Along with proxying features, the HTTP Proxy service provides the following tools:
Content Filtering and Caching – For URL Filtering, the HTTP Proxy service operates with the Barracuda Web Filter (CFDEF). Previously visited website content is stored in a cache, which improves website loading speed and saves bandwidth.
Antivirus and Malware Protection – The HTTP Proxy service offers the powerful Avira antivirus engine. For content scanning in the Barracuda cloud, you can enable the Barracuda Web Security service with your HTTP Proxy service.
Access Control – The HTTP Proxy service lets you configure access control policies and lists for networks and users.
Authentication – The firewall provides various external authentication services for HTTP Proxy, such as MS-CHAP v2 and Kerberos.
TLS Inspection – The firewall can intercept HTTPS connections. A root certificate must be installed in the client browsers to avoid TLS errors.
Configuring the HTTP Proxy
To set up and configure the HTTP proxy, see the following articles: