CacheGuard OS
User's Guide - Version EH-1.3.7


General Modes

CacheGuard is an integrated appliance that secures and optimises Web traffic by providing multiple features. But above all CacheGuard is a network appliance with a myriad of network characteristics.

All network and functionality modes can be activated or deactivated. That way, you can implement the appliance in your infrastructure to match your specific needs. The command "mode" allows you to activate or deactivate feature modes. For almost every feature, appropriate commands allow you to configure that feature while the feature activated.

Note that the command "apply" should be invoked after activating or deactivating feature modes.

Network Modes

IP router

The appliance may act as a secure IP forwarding gateway to access the Internet. To activate the router mode use the following command:

Caching DNS

The appliance integrates a caching Domain Name Server for all Internet domains. To activate the dns mode use the following command:

DHCP server

The appliance integrates a DHCP server. To activate the dhcp mode use the following command:

See the command dhcp for further information.

Sharing Web access

The appliance may NAT all outgoing traffic with its own external network interface. To activate the snat mode use the following command:

Statefull Firewall

The appliance integrates a stateful configurable firewall to control all forwarded network traffic. To activate the firewall mode use the following command:

See the command firewall for further information.

802.1q VLAN

The appliance supports 802.1q Virtual LAN to secure and isolate different traffic types. To activate the vlan mode use the following command:

See the command "vlan" for further information.

High Availability

The appliance could be implemented in a High Availability infrastructure. It supports VRRP and link bonding. The command "vrrp" allows you to configure the VRRP while the command "link" is used to configure the link bonding). To activate the ha mode use the following command:

Feature Modes

Quality of Service (QoS)

The appliance can shape and schedule network traffic to offer a better Quality of Service. To activate the qos mode use the following command:

See the command qos for further information.

Forwarding proxy

The appliance may act as a forwarding Web proxy to secure and optimise Web user traffic. To activate this feature (web mode) use the following command:

Anonymous browsing

The appliance may alter some HTTP headers to make anonymous HTTP requests. To activate the anonymous mode use the following command:

Reverse proxy

The appliance may act as a reverse Web proxy to secure and optimise Web servers. To activate this feature (rweb mode) use the following command:

See the command rweb for further information.

Transparent implementation

The appliance can be implemented transparently for Web users. This means that Web users don't need to specify the appliance as a Web proxy. To activate the transparent mode use the following command:

SSL Mediation

The appliance can be implemented to act as an SSL mediator and decrypt HTTPS traffic in order to block viruses and/or cache its content. To activate the sslmediate mode use the following command:

URL guarding

The appliance may act as a guarding system against unwanted URLs, restricting the Web usage. To activate the guard mode use the following command:

See the command guard for further information.

The Web Application Firewall

The appliance may filter unwanted Web requests like XSS or SQL Injection to protect Web servers. To activate the waf mode use the following command:

See the command waf for further information.

The antivirus

The appliance may filter all malware like viruses, trojans and worms to protect Web user workstations and/or Web servers. To activate the mode use the following command:

See the command antivirus for further information.

Web caching

The appliance may cache Web traffic to save the network bandwidth and in some environments accelerate Web traffic exchanges. To activate the cache mode use the following command:

HTML compression

The appliance may compress textual content to save the network bandwidth. To activate the compress mode use the following command:

Access logging

The appliance may log Web access for analysis with your favourite log analyser system. To activate the log mode use the following command:

See the command log for further information.

Authentication

The appliance may authenticate users before granting them access to the Web (or Web servers in reverse mode). To activate the authenticate mode use the following command:

See the command authenticate for further information.