Barracuda Networks 4 Especificaciones descargar pdf (Pagina 16)

Barracuda Web Filter Release 3.3

16 Chapter 2: Installation and Configuration

Network considerations

The Barracuda Web Filter appliance is a low-risk deployment because it is designed to be a bridge

within your network. The appliance can view Internet traffic that passes through the network but does

not affect its routing. To reduce the risk of interfering with important network traffic, initially set the

Barracuda Web Filter to monitor and log the spyware activity only. Determine which internal servers

and clients to exclude from spyware and virus scans.

These pre-installation considerations may help you understand some of the issues that may occur.

Routers

Make sure the default gateway is properly set to reach the Internet. Also, if you are testing the

Barracuda Web Filter in one portion of your network and move to another portion of the network for

deployment, make sure that you check the default gateway and make changes as necessary.

External DNS

Some of the considerations regarding DNS include the following issues:

Optimal DNS query response time—When the Barracuda Web Filter is in Active mode, it proxies all

Internet requests for the clients. As a result, the Barracuda Web Filter needs to resolve website

hostnames to IP addresses while proxying the HTTP requests made by the users. The response for

DNS queries needs to be optimal to allow the Barracuda Web Filter to look up and quickly process

these requests. A slow DNS server will cause the Barracuda Web Filter to respond slowly to clients,

which adds latency to their Internet access.

Requests for fully qualified Web application server names—If a user attempts to browse to a Web

site by specifying a Web server name is not a fully qualified name that includes the domain name, the

Barracuda Web Filter automatically appends the string

barracuda.com to the unqualified name in

order to resolve the request. For example, if the user enters the server name

myserver instead of

myserver.mydomain.com, the Barracuda Web Filter resolves the request using the hostname

myserver.barracuda.com.

Internal DNS

If you have an internal server that is only resolvable via an internal DNS, make sure that this DNS

server is used by the Barracuda Web Filter as a secondary DNS.

Enterprise class Layer 3 switch, VLANS, VPN concentrators

These device types are normally capable of handling multiple subnets and providing default routes to

clients. However, they may affect the Barracuda Web Filter deployment in the following ways:

• A Layer 3 switch can also be set up to have multiple VLANs (Virtual Local Networks) using

port assignments. There is no side effect by having VLAN tags in the traffic that is visible to the

Barracuda Web Filter. However, when the Barracuda Web Filter is set up to a single subnet, it

needs to have routes to process requests for other subnets.

• A standard solution is to add static routes to these foreign subnets. All Layer 3 switch subnets

should use its IP address as the gateway. In the case of a VPN concentrator, use the IP of the

concentrator as the default gateway for all the networks aggregated by that VPN concentrator.

1 2 ... 11 12 13 14 15 16 17 18 19 20 21 ... 91 92

Sin comentarios

Barracuda Networks 4 Especificaciones Pagina 16