About Proxy Actions

A proxy action is a specific group of settings, sources, or destinations for a type of proxy. Because your configuration can include several proxy policies of the same type, each proxy policy uses a different proxy action. Each proxy policy has predefined, or default, proxy actions for clients and servers. For example, you can use one proxy action for packets sent to a POP3 server protected by the XTM device, and a different proxy action to apply to email messages retrieved by POP3 clients. You can clone, edit, and delete proxy actions in your XTM device configuration.

Fireware XTM proxy actions are divided into two categories: predefined proxy actions , and user-defined proxy actions. The predefined proxy actions are configured to balance the accessibility requirements of a typical company, with the need to protect your computer assets from attacks. You cannot change the settings of predefined proxy actions. Instead, you must clone (copy) the existing predefined proxy action definition and save it as a new, user-defined proxy action. You cannot configure subscription services, such as Gateway AntiVirus, for predefined proxy actions. For example, if you want to change a setting in the POP3-Client proxy action, you must save it with a different name, such as POP3-Client.Standard.1.

In Fireware XTM OS v11.9.3 or higher, the new default predefined proxy actions have "Standard" appended to the proxy action name. These settings are updated from previous defaults to reflect the latest Internet network traffic trends.

You can create many different proxy actions for either clients or servers, or for a specified type of proxy policy. However, you can assign only one proxy action to each proxy policy. For example, a POP3 policy is linked to a POP3-Client proxy action. If you want to create a POP3 proxy action for a POP3 server, or an additional proxy action for POP3 clients, you must add new POP3 proxy policies to Policy Manager that use those new proxy actions.

Set the Proxy Action in a Proxy Policy

To set the proxy action for a proxy policy when you add a new policy:

  1. Select Firewall > Firewall Policies.
    The Firewall Policies page appears.
  2. Click Add Policy.
    The Select a policy type page appears.
  3. Select Proxies.
  4. From the Proxies drop-down lists, select the proxy policy and proxy action for this policy.
  5. Click Add Policy.

To change a proxy action for an existing proxy policy:

  1. Select Firewall > Firewall Policies.
    The Firewall Policies page appears.
  2. Select the proxy policy you want to change.
    The Edit page appears.
  3. Select the Proxy Action tab.
  4. From the Proxy Action drop-down list, select the proxy action to use with this policy.
  5. Click Save.

Clone, Edit, or Delete Proxy Actions

To manage the proxy actions for your XTM device, you can clone, edit, and delete proxy actions. You can clone, edit, or delete any user-defined proxy action. You cannot make changes to predefined proxy actions, or delete them. You also cannot delete user-defined proxy actions that are used by a policy.

If you want to change the settings in a predefined proxy action, you can clone it and create a new, user-defined proxy action with the same settings. You can then edit the proxy action to modify the settings as necessary. If you choose to edit a predefined proxy action, you cannot save your changes. Instead, you are prompted to clone the changes you have made to a new, user-defined proxy action.

When you edit a proxy action, you can change the rules and rulesets, and the associated actions. Each proxy action includes proxy action rules, which are organized into categories. Some categories are further subdivided into subcategories of rules.

The available categories of settings for each proxy action appear in an accordion list, with section headers that are always visible. When you select the section header for a category, the category section expands and the settings and rules for each category appear on the category panel. If the category includes more than one subcategory of settings, a link bar navigation menu appears at the top of the category panel.

For more information on the available proxy action settings for each proxy, see the About topic for that proxy.

About the DNS-Proxy About the POP3-Proxy
About the FTP-Proxy About the SIP-ALG
About the H.323-ALG About the SMTP-Proxy
About the HTTP-Proxy About the TCP-UDP-Proxy
About the HTTPS-Proxy  

Clone or Edit a Proxy Action

You can clone both predefined and user-defined proxy actions. But, you can only edit a user-defined proxy action.

  1. Select Firewall > Proxy Actions.
    The Proxy Actions page appears.

Screen shot of the Proxy Actions page

  1. Select the proxy action to clone or edit.
  2. Click Clone or Edit.

If you selected to clone a proxy action, the Clone Proxy Action page appears.

Screen shot of the Clone Proxy Action page

If you selected to edit a proxy action, the Edit Proxy Action page appears.

Screen shot of the Edit Proxy Action page

  1. Select a category tab to see the options for that category.
    If the category you selected includes subcategories, a drop-down list expands to show the available subcategories. Select a subcategory.
    The content for the selected category appears. .

Screen shot of the Edit Proxy Action HTTP Request settings for the HTTP-Client proxy action

  1. Edit the rules and settings for the proxy action for all the necessary categories.
  2. Click Save.

You can also clone a proxy action when you edit the configuration of a proxy policy that uses a predefined proxy action.

  1. From the Edit page for a proxy, select the Proxy Action tab.
  2. From the Proxy Action drop-down list, select Clone the current proxy action.
    The proxy action settings appear.
  3. In the Name text box, type a new name for the proxy action.
  4. Configure the settings for the proxy action.
  5. Click Save.

Delete a Proxy Action

You cannot delete predefined proxy actions. You can only delete user-defined proxy actions that are not used by a policy.

  1. Select Firewall > Proxy Actions.
    The Proxy Actions page appears.

Screen shot of the Proxy Actions page

  1. Select the proxy action to delete.
  2. Click Remove.
    A confirmation dialog box appears.
  3. To delete the proxy action, click Yes.
    The proxy action is removed from your device configuration.

See Also

About Proxy Policies and ALGs

Give Us Feedback  •   Get Support  •   All Product Documentation  •   Knowledge Base