CacheGuard-OS
User's Guide - Version UF-2.1.3


Overview

The User's Guide allows you to quickly and briefly learn how to configure and administrate a CacheGuard appliance. To get a detailed description of each used command in this guide, you are invited to refer to the Commands Manual. The Web administration GUI that comes with CacheGuard-OS is a front end to the CLI, and hence is not separately documented.

CacheGuard Gateway allows you to connect your networks to the internet with security and peace of mind and protects your IT infrastructures against harmful traffic. In addition, with CacheGuard Gateway you can offer the QoS (Quality of Service) required by your most critical network traffic such as VoIP . What makes CacheGuard Gateway a unique solution is that it works in 2 senses: in forwarding mode it protects your connected users to the internet while in reverse mode it protects your Web applications. To get a CacheGuard Gateway you can simply install CacheGuard-OS on the machine of your choice. The only limitation is that you will need 2 NIC (Network Interface Cards) on that machine. To get help on CacheGuard-OS installation, please refer to the Getting Started section.

CacheGuard-OS embeds a variety of network security and traffic optimisation features such as, but not limited to, firewall, VPN, Web antivirus, filtering proxy, reverse proxy, WAF, traffic shaping and Web caching. All those features can be securely and efficiently activated at the same time on the same machine to take maximum advantage of the machine on which it runs.

Using CacheGuard-OS

Implementing and configuring CacheGuard-OS is easy and quick even if you are not a network and security expert. With CacheGuard-OS all the complexity of integrated open source software is put under the hood to allow you to just have to turn on the key and benefit from an extraordinary engine.

CacheGuard Gateway Functions:

CacheGuard-OS Network Optimization

  • Network Appliance
  • Internet Gateway
  • Web Load Balancer
  • 802.1q VLANs
  • Support of NTP
  • Traffic Shaping
  • DHCP Server
  • Caching DNS
CacheGuard-OS IP security

  • Internal/External/Auxiliary zoning
  • Forwarding and Reverse Web Proxy
  • Transparent HTTP Proxy
  • Proxy chaining and parallel implementation
  • Access lists
  • IP Firewall with NAT and PAT
  • IPsec VPN in Site to Site or Remote Access modes
  • Blocking Synflood, Port Scan, Spoofing...
CacheGuard-OS Web Security

  • URL Guarding based on URL blacklists and white lists and regular expressions
  • URL Guarding Policies based on access time, IP and LDAP requests
  • Automatic blacklists updating
  • Web Application Firewall (XSS, SQL Injection...)
  • Access Logging
  • LDAP & Kerberos AD© authenticating
  • SSL Terminator
  • SSL Mediator/Inspector
  • Antivirus at the Web Gateway
  • Antivirus as a service (for emails)
CacheGuard-OS High Availability

  • RAID capabilities
  • Backup & Restore on spare machine
  • Ethernet link bonding
  • VRRP Redundancy
  • Multi WAN support
CacheGuard-OS Web Optimization

  • Persistent Web caching
  • HTTP Compression
  • Web Cache sharing
  • Traffic Shaping
CacheGuard-OS Administration

  • CLI (Command Line Interface) configuration
  • Console port administration
  • Remote administration with Web GUI and SSH
  • Logging to remote SysLog servers
  • SNMP agent and trap generation