Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

Planning network traffic protection for InterScan Web Security Virtual Appliance (IWSVA) 5.6

    • Updated:
    • 27 Jan 2016
    • Product/Version:
    • InterScan Web Security Virtual Appliance 5.6
    • Platform:
    • N/A N/A
Summary

IWSVA can be deployed in different modes to help secure your network. Learn more about the deployment topologies supported by IWSVA.

Details
Public

Transparent Bridge Mode

IWSVA acts as a bridge between network devices such as routers and switches. IWSVA scans passing HTTP and FTP traffic without the need to modify the browser or network settings. This is the easiest deployment mode with traffic being scanned in both directions. An additional dependency for this deployment mode is two network interface cards per transparent bridge segment protected with IWSVA. We recommend that the following network cards be used to ensure maximum compatibility in this deployment mode:

  • ? Broadcom NetXtreme Series
  • ? Intel Pro/1000 PT Dual Port Server Adapter
  • ? Intel Pro/1000 MF Dual Port Fiber

IWSVA 5.6 features an optional High Availability (HA) deployment mode. In this mode, two IWSVA 5.6 nodes are configured as an HA cluster. In this configuration one of the nodes is designated as the parent, or active node, and is connected to a child, or passive node, through a “heartbeat” link.

In HA deployment mode, the parent node processes all “live” traffic while the child node remains in a passive state. If a failure in the parent node is detected, the child node then becomes the active node and the parent node is taken offline.

The HA deployment mode is only supported in Transparent Bridge mode.

Forward Proxy Mode

IWSVA acts as an upstream proxy for network clients. Client browser settings must be configured to redirect traffic to IWSVA. IWSVA scans HTTP and FTP traffic and there is no separate need for another dedicated proxy server. Content is scanned in both the inbound and outbound directions.

The Forward Proxy Mode also forwards all traffic to another upstream proxy server.

Reverse Proxy Mode

IWSVA is deployed in front of a Web server. IWSVA scans HTTP and FTP content from the clients that are uploaded to a Web server as well as content that is downloaded from the Web server to the clients and helps secure the Web server.

ICAP Mode

IWSVA acts as an ICAP proxy and accepts ICAP connections from an ICAP v1.0 compliant cache server. Cache servers can help reduce the overall bandwidth requirements and reduce latency by serving cached content locally. IWSVA scans and secures all content returned to the cache server and to the clients.

Simple Transparency Mode

IWSVA's Forward Proxy Mode supports simple transparency with popular Layer 4 load balancing switches and provides HTTP scanning without the need to modify the client's browser settings.

WCCP Mode

IWSVA works with Cisco's WCCP protocol to provide content scanning for Web and FTP traffic without the need to modify client configurations and allows redundancy and saleability to be designed into the architecture without additional hardware.

Premium
Internal
Rating:
Category:
Deploy; Install
Solution Id:
1097142
Feedback
Did this article help you?

Thank you for your feedback!

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support


To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.


Need More Help?

Create a technical support case if you need further support.