Blue Coat Systems Time Clock Proxy SG Manuel D’Utilisation
ProxySG Content Policy Language Guide
272
Forward Policy File
A file you create or that might be created during an upgrade from prior SGOS versions,
and that you maintain to supplement any policy described in the other three policy files.
It is normally used for forwarding policy. The Forward policy file is always last in the
evaluation order.
and that you maintain to supplement any policy described in the other three policy files.
It is normally used for forwarding policy. The Forward policy file is always last in the
evaluation order.
Forwarding policy is generally distinct and independent of other policies, and is often
used as part of maintaining network topologies.
used as part of maintaining network topologies.
Forwarding policy can also be created and maintained through the Visual Policy
Manager.
Manager.
layer
A CPL construct for expressing the rules for a single policy decision. Multiple layers can
be used to make multiple decisions. Layers are evaluated in top to bottom order.
Decisions made by later layers can override decisions made by earlier layers. Layer
evaluation terminates on the first rule match.
be used to make multiple decisions. Layers are evaluated in top to bottom order.
Decisions made by later layers can override decisions made by earlier layers. Layer
evaluation terminates on the first rule match.
Five layer types exist. The layer type defines the transactions evaluated against this
policy and restricts the triggers and properties allowed in the rules used in the layer.
policy and restricts the triggers and properties allowed in the rules used in the layer.
Each of the five types of layers are allowed in any policy file.
Local Policy File
A file you create and maintain on your network for policy specific to one or more
ProxySG appliances. This is the file you would normally create when writing CPL
directly with a text editor, for use on some subset of the ProxySG appliances in your
organization.
ProxySG appliances. This is the file you would normally create when writing CPL
directly with a text editor, for use on some subset of the ProxySG appliances in your
organization.
On upgrade from a CacheOS 4.x system, the local file will contain any filter rules
configured under the old system.
configured under the old system.
Match
When a rule is evaluated, if all triggers evaluate to true, then all properties specified are
set. This is often referred to as a rule Match (for example in policy tracing.)
set. This is often referred to as a rule Match (for example in policy tracing.)
Miss
When a rule is evaluated, if any trigger evaluates to false, all properties specified are
ignored. This is often referred to as a rule Miss (for example in policy tracing.)
ignored. This is often referred to as a rule Miss (for example in policy tracing.)
N/A
The rule can't be evaluated for this transaction and is being skipped. N/A happens, for
example, when you try to apply a streaming condition to an FTP transaction.
example, when you try to apply a streaming condition to an FTP transaction.
policy files
Any one of four files that contain CPL: Central, Local, VPM, or Forward. When the policy
is installed, the contents of each of the files is concatenated according to the evaluation
order.
is installed, the contents of each of the files is concatenated according to the evaluation
order.
policy trace
A listing of the results of policy evaluation. Policy tracing is useful when troubleshooting
policy.
policy.
property
A CPL setting that controls some aspect of transaction processing according to its value.
CPL properties have the form property(setting).
CPL properties have the form property(setting).
At the beginning of a transaction, all properties are set to their default values, many of
which come from the configuration settings.
which come from the configuration settings.
<Proxy>
layer
One of the five layer types allowed in a policy, used to list policy rules that control access
to proxy services configured on the ProxySG.
to proxy services configured on the ProxySG.
Rules in the <Proxy> layer include user authentication and authorization requirements,
time of day restrictions, and content filtering.
time of day restrictions, and content filtering.
proxy transaction
A transaction created for each request received over the proxy service ports configured
on the ProxySG. The proxy transaction covers both the request and its associated
response, whether fetched from the origin server or the local object store.
on the ProxySG. The proxy transaction covers both the request and its associated
response, whether fetched from the origin server or the local object store.
request
transformation
transformation
A modification of the request for an object (either the URL or Headers). This modification
might result in fetching a different object, or fetching the object through a different
mechanism.
might result in fetching a different object, or fetching the object through a different
mechanism.