Manage Proxy Communication with the Endpoint Security Manager

To enable the Endpoint Security Manager (ESM) to obtain the most up-to-date security policy and leverage WildFire threat intelligence it is important to enable communication from the ESM to external resources such as WildFire and the content update server. In ESM deployments that do not have direct access to the internet, you can set up a proxy server to facilitate communication with external resources.
To set up the ESM to forward traffic through a proxy server, you must configure the proxy configuration for the ESM Console and each ESM Server independently; However, you can use the same proxy server for all ESM components, or you can configure the ESM components to use different proxy servers. For example, you might want to use different proxy servers for each ESM Server if your servers are geographically distributed and your proxy servers are located near the ESM Servers.
The ESM also supports unauthenticated or authenticated proxy communication.
Perform the following tasks to manage proxied communication.
After you enable proxy communication, the ESM components immediately begin forwarding traffic to the proxy server.
  • Configure proxy communication for the ESM Console.
    This enables the ESM Console to communicate with the following external resources:
    • WildFire—Enables the ESM Console to obtain WildFire reports about executable files.
    • Content update server—Enables the ESM Console to identify and download new content updates. To review your content update preferences, see Manage Content Updates.
    1. From the ESM Console, select
      Settings
      ESM
      Settings
      .
    2. Enable
      Proxy
      communication.
    3. Configure the proxy server to use for communication between the ESM Console and external resources.
      • Enter the FQDN or IP address of the proxy server in the
        Proxy Host/IP
        field and a
        Proxy Port
        number (default is 8080).
      • (
        Optional
        ) To use authenticated proxy communication, enable
        Proxy Authentication
        and then enter the
        Username
        and
        Password
        —using only ISO-8859-1 characters—the ESM Console will use to authenticate with the proxy server.
    4. Save
      your changes to the ESM Console Configuration.
  • Configure proxy communication for the ESM Server.
    This enables the ESM Server to obtain the latest verdicts from WildFire and submit unknown files for analysis.
    1. Select
      Settings
      ESM
      Multi ESM
      .
    2. Select the row for the ESM Server for which you want to configure proxy communication. The ESM Console displays the settings associated with the server.
    3. Edit
      the settings for the server.
    4. Enable
      Proxy
      communication.
    5. Configure the settings for the proxy server to use for communication between the ESM Server and external resources.
      • Enter the FQDN or IP address of the proxy server in the
        Proxy Host/IP
        field and a
        Proxy Port
        number (default is 8080).
      • (
        Optional
        ) To use authenticated proxy communication, enable
        Proxy Authentication
        and then enter the
        Username
        and
        Password
        —using only ISO-8859-1 characters—the ESM Console will use to authenticate with the proxy server.
    6. Save
      your changes to the ESM Server configuration.
    7. Repeat this process to configure proxy configuration for other ESM Servers, if desired.
      You can configure the same proxy settings across multiple ESM Servers, or configure proxy settings that are unique to each server.
    For more information, see Manage Multiple ESM Servers.

Recommended For You