HTTP-Proxy Best Practices
WatchGuard recommends you use HTTP-Proxy policies for any HTTP traffic between your network and external hosts.
When you configure the HTTP Proxy, make sure to choose the correct Proxy Action for the policy. For a policy that handles traffic from your network to external web hosts, use the HTTP-Client action. For a policy that handles traffic to servers on your network from external users, use the HTTP-Server action.
Logging and Reports
If your Firebox device is configured to send log messages to a Log Server or Dimension System, you can create reports for HTTP traffic by your users. Make these changes to your configuration to improve the reports for HTTP:
- In the General section of each HTTP Proxy action, make sure that the Enable Logging for Reports check box is selected.
- If you use Active Directory authentication, make sure your Firebox device is configured to use Single Sign-On. This will allow you to create reports based on the authenticated user names. To learn more about authentication with Single Sign-On, see About Active Directory Single Sign-On (SSO).