CHAPTER 6

Writing Policies

A secure proxy possesses detailed knowledge about specific protocols and applications. This knowledge enables a proxy to examine network traffic thoroughly, conduct deep content analysis, perform data transformation, and manipulate connections and transactions, essentially applying every technique at its disposal to enforce defined security policies. A proxy is deployed at a vantage point that enables it to filter undesirable payloads, alert network administrators and security teams to policy violations, log user activities, and prevent leakage of confidential information.

A proxy is commonly deployed collaboratively with other security solutions such as a data loss prevention solution, antivirus engine, and sandbox malware analyzer, and with systems that are essential to enterprise network operations such as an authentication server and a mail server. Together, these solutions offer a unified and layered security defense infrastructure against modern-day cyber threats conjured by black hats.

Chapter 3 examines the inner workings of a secure proxy's policy engine and discusses the general concepts behind a policy system, its policy language, and the intricacies of policy execution against transactions. In this chapter, we will provide example scenarios with specific security goals and explain how to implement those security goals using a real-world secure policy system.

Overview of the ProxySG Policy Language

In this chapter, we use the Blue Coat ProxySG ...

Get Security Intelligence: A Practitioner's Guide to Solving Enterprise Security Challenges now with the O’Reilly learning platform.