CHAPTER 6
Writing Policies
A secure proxy possesses detailed knowledge about specific protocols and applications. This knowledge enables a proxy to examine network traffic thoroughly, conduct deep content analysis, perform data transformation, and manipulate connections and transactions, essentially applying every technique at its disposal to enforce defined security policies. A proxy is deployed at a vantage point that enables it to filter undesirable payloads, alert network administrators and security teams of policy violations, log user activities, and prevent confidential information leakage.
A proxy is commonly deployed collaboratively with other security solutions such as a data loss prevention solution, antivirus engine, and sandbox malware analyzer, and with systems that are essential to enterprise network operations such as an authentication server and a mail server. Together, these solutions offer a unified and layered security defense infrastructure against modern-day cyber threats conjured by black hats.
Chapter 3 examines the inner workings of a secure proxy's policy engine and discusses the general concepts behind a policy system, its policy language, and the intricacies of policy execution against transactions. In this chapter, we will provide example scenarios with specific security goals and explain how to implement those security goals using a real-world secure policy system.
Overview of the ProxySG Policy Language
In this chapter, we use the Blue Coat ProxySG ...
Get Security Intelligence: A Practitioner's Guide to Solving Enterprise Security Challenges now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.