Use a Caching Proxy Server
Because your users can look at the same websites frequently, a caching proxy server increases the traffic speed and decreases the traffic volume on the external Internet connections. Although the HTTP-proxy on the Firebox does not cache content, you can use a caching proxy server with the HTTP proxy. All Firebox proxy and WebBlocker rules continue to have the same effect.
The Firebox connection with a proxy server is the same as with a client. The Firebox changes the GET function to: GET / HTTP/1.1 to GET www.mydomain.com / HTTP/1.1 and sends it to a caching proxy server. The proxy server moves this function to the web server in the GET function.
Use an External Caching Proxy Server
To set up your HTTP-proxy to work with an external caching proxy server:
- Configure your caching proxy server.
- In the HTTP Proxy Action configuration, select Web Cache Server.
- Select the Use external caching proxy server for HTTP traffic check box.
- In the IP Address and Port text boxes, type the IP address and port for the external caching proxy server.
- To change settings for another category in this proxy, see the topic for that category.
- Save the configuration.
If you modified a predefined proxy action, when you save the changes you are prompted to clone (copy) your settings to a new action.
For more information on predefined proxy actions, go to About Proxy Actions.
Use an Internal Caching Proxy Server
You can also use an internal caching proxy server with your Firebox.
To use an internal caching proxy server:
- Configure the HTTP-proxy action with the same settings as for an external proxy server.
- In the same HTTP-proxy policy, allow all traffic from the users on your network whose web requests you want to route through the caching proxy server.
- Add an HTTP packet filter policy to your configuration.
- Configure the HTTP packet filter policy to allow traffic from the IP address of your caching proxy server to the Internet.
- If necessary, manually move this policy up in your policy list so that it has a higher precedence than your HTTP-proxy policy.