HTTP-Proxy Best Practices

WatchGuard recommends you use HTTP-Proxy policies for any HTTP traffic between your network and external hosts.

When you configure the HTTP Proxy, make sure to choose the correct Proxy Action for the policy. For a policy that handles traffic from your network to external web hosts, use the HTTP-Client.Standard proxy action. For a policy that handles traffic to servers on your network from external users, use the HTTP-Server.Standard proxy action.

Logging and Reports

If your Firebox is configured to send log messages to a Log Server or Dimension, you can create reports for HTTP traffic by your users. Make these changes to your configuration to improve the reports for HTTP:

  • In the General section of each HTTP Proxy action, make sure that the Enable Logging for Reports check box is selected.
  • If you use Active Directory authentication, make sure your Firebox is configured to use Single Sign-On. This will allow you to create reports based on the authenticated user names. To learn more about authentication with Single Sign-On, go to How Active Directory SSO Works.

Related Topics

About Proxy Policies and ALGs