Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

Deployment modes and supported features of InterScan Web Security Virtual Appliance (IWSVA)

    • Updated:
    • 29 Jan 2016
    • Product/Version:
    • InterScan Web Security Virtual Appliance 5.6
    • Platform:
    • Linux - Red Hat RHEL 4 64-bit
    • Linux - Red Hat RHEL 5 64-bit
    • Linux - Red Hat RHEL 6 64-bit
Summary

See what features are supported in the different deployment modes of InterScan Web Security Virtual Appliance (IWSVA). Use this as a guide when deploying IWSVA to your gateway infrastructure.

Details
Public

Select your IWSVA version:

Refer to this table for the deployment modes, daemons involved, and supported features:

DaemonModeSupport for HTTPSupport for FTPSupport for LDAPSupport for Intelli TunnelProtocol-based1# of Connections made
HTTPForward ProxyYesYes2Yes3YesYes+1
ICAPYesYes4Yes5Yes6Yes+2/4
FTPFTP ProxyNoYesNoNoYes+1
HTTP + FTPBridge modeYesYesNoYes7No+1

1 - Protocol-based; relies on the protocol (FTP/HTTP) and not on the packet type / port (TCP,Dst: 80).
2 - Supports FTP-over-HTTP.
3 - No support for Active Directory and NTLM authentication in Downstream Squid proxy mode.
4 - Supports native FTP and FTP-over-HTTP.
5 - No LDAP support if Request Modification Mode is not used.
6 - Only the Instant Messaging Protocols can be identified and blocked.
7 - Only the Authentication Connections requests can be identified and blocked.

 
  • FTP-over-HTTP is not supported in ICAP mode when using Cisco CE.
  • IWSVA does not support anti-pharming in Dependent mode (Forward Proxy).

Refer to this table for the deployment modes, daemons involved, and supported features:

DaemonModeSupport for HTTPSupport for HTTPS DecryptionSupport for FTPSupport for LDAPSupport for Intelli TunnelProtocol-based1# of Connections made
HTTPForward ProxyYesYes8Yes2Yes3YesYes+1
ICAPYesNoYes4Yes5Yes6Yes+2/4
FTPFTP ProxyNoNoYesNoNoYes+1
HTTP + FTPBridge modeYesYesYesNoYes7No+1

1 - Protocol-based; relies on the protocol (FTP/HTTP) and not on the packet type / port (TCP,Dst: 80).
2 - Supports FTP-over-HTTP.
3 - No support for Active Directory and NTLM authentication in Downstream Squid proxy mode.
4 - Supports native FTP and FTP-over-HTTP.
5 - No LDAP support if the Request Modification Mode is not used.
6 - Only the Instant Messaging Protocols can be identified and blocked.
7 - Only the Authentication Connections requests can be identified and blocked.
8 - Not supported on Simple Transparency Mode.

 
  • FTP-over-HTTP is not supported in ICAP mode when using Cisco CE.
  • IWSVA does not support anti-pharming in Dependent mode (Forward Proxy).

Refer to this table for the deployment modes, daemons involved, and supported features:

DaemonModeSupport for HTTPSupport for HTTPS DecryptionSupport for FTPSupport for LDAPSupport for Intelli TunnelProtocol-based10# of Connections made
HTTPForward ProxyYes1Yes2Yes3Yes5YesYes+1
ICAPYesNoYes4Yes6Yes8Yes+2/4
FTPFTP ProxyNoNoYesNoNoYes+1
HTTP + FTPBridge modeYesYesYesYes7Yes9No+1
WCCPYesYesYesYes7YesNo+1

1 - IWSVA does not support anti-pharming in Dependent mode (Forward Proxy).
2 - Not supported on Simple Transparency Mode.
3 - Supports FTP-over-HTTP.
4 - Supports native FTP and FTP-over-HTTP. However, FTP-over-HTTP is not supported in ICAP mode when using Cisco CE.
5 - No support for Active Directory and NTLM authentication in Downstream Squid proxy mode.
6 - No LDAP support unless the Request Modification Mode is used.
7 - Only when WMI Windows Client or DC Agent Query is enabled (for HTTP only).
8 - Only the Instant Messaging Protocols can be identified and blocked.
9 - Only the Authentication Connections requests can be identified and blocked.
10 - Protocol-based; relies on the protocol (FTP/HTTP) and not on the packet type / port (TCP,Dst: 80).

Refer to this table for the deployment modes, daemons involved, and supported features:

DaemonHTTPFTPHTTP + FTP
ModeForward ProxyReverse ProxyICAPFTP ProxyBridge ModeWCCP
Support for HTTPYes2YesYesNoYesYes
Support for HTTPS DecryptionYes3NoNoNoYesYes
Support for FTPYes4NoYes7YesYesYes
Support for LDAPYes5NoYes8NoYes9Yes9
Support for HTTP InspectionYesYes6Yes9NoYes10Yes
Support for Application ControlNoNoNoNoYesNo
Protocol-Based1YesYesYesYesNoNo
# of Connections Made+1+1+2/4+1+1+1

1 - Protocol-based; relies on the protocol (FTP/HTTP) and not on the packet type /port (TCP, Dst: 80).
2 - In Dependent mode (Forward Proxy), IWSVA does not support anti-pharming.
3 - Not supported on Simple Transparency Mode.
4 - Supports FTP-over-HTTP.
5 - No support for Active Directory and NTLM authentication in Downstream Squid proxy mode.
6 - Disabling HTTP Inspection is recommended because it is not necessary for this type of deployment.
7 - Supports native FTP and FTP-over-HTTP. However, FTP-over-HTTP is not supported in ICAP mode when using Cisco CE.
8 - No LDAP support unless the Request Modification Mode is used.
9 - Only when WMI Windows Client or DC Agent Query is enabled (for HTTP only).
10 - Only the Authentication Connections requests can be identified and blocked.

Refer to this table for the deployment modes, daemons involved, and supported features:

DaemonHTTPFTPHTTP + FTP
ModeForward ProxyReverse ProxyICAPFTP ProxyBridge ModeWCCP
Support for HTTPYes2YesYesNoYesYes
Support for HTTPS DecryptionYes3NoNoNoYesYes
Support for FTPYes4NoYes7YesYesYes
Support for LDAPYes5NoYes8NoYesYes
Support for HTTP InspectionYesYes6YesNoYes9Yes
Support for Application ControlYesNoNoNoYesNo
Protocol-Based1YesYesYesYesNoNo
# of Connections Made+1+1+2/4+1+1+1
DLPYesNoYesNoYesYes
BotnetYesNoNoNoYesYes

1 - Protocol-based; relies on the protocol (FTP/HTTP) and not on the packet type / port (TCP, Dst: 80).
2 - In Dependent mode (Forward Proxy), IWSVA does not support anti-pharming.
3 - Not supported on Simple Transparency Mode.
4 - Supports FTP-over-HTTP.
5 - No support for Active Directory and NTLM authentication in Downstream Squid proxy mode.
6 - Disabling HTTP Inspection is recommended because it is not necessary for this type of deployment.
7 - Supports native FTP and FTP-over-HTTP. However, FTP-over-HTTP is not supported in ICAP mode when using Cisco CE.
8 - No LDAP support unless the Request Modification Mode is used.
9 - Only the Authentication Connections requests can be identified and blocked.

Premium
Internal
Rating:
Category:
Configure; Deploy; Install; SPEC
Solution Id:
1096822
Feedback
Did this article help you?

Thank you for your feedback!

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support


To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.


Need More Help?

Create a technical support case if you need further support.