Configuring X-Header Handling Settings

about
- Maintenance Agreement [1]
about screen
- Deep Discovery Web Inspector product information [1]
- viewing firmware version [1]
- viewing product information [1]
accessing
- Command Line Interface [1]
- deployment wizard [1]
- management console [1]
- using the CLI to configure management console [1]
access logs
- sending to a syslog server [1]
access syslog
- benefits, sending to a syslog server [1]
accounts [1]
- adding [1]
- adding Active Directory user, for notifications/reports [1]
- adding for console access [1]
- adding local user [1]
- administration [1]
- editing [1]
- managing [1]
- role-based access [1]
- role classifications [1]
- using for console access [1]
- See also local user accounts
actions
- configuring for policies [1]
activating
- product licenses [1]
activating license
- during deployment [1]
activation code
- finding in license description [1]
- requirements [1]
activation codes
- for licenses [1]
Active Directory
- Active Directory Services providing integration with [1]
- adding user accounts for notifications/reports [1]
- authentication using Active Directory Services integration [1]
- configuring authentication policies for Active Directory Services [1]
- configuring global authentication settings using [1]
- enabling authentication using [1]
- Services, adding domains to [1]
- Services, managing domains [1]
- using for authentication with Captive Portal [1]
Active Directory Services
- configuring authentication policies for [1]
- integration for authentication using Active Directory [1]
- managing authentication policies [1]
- managing domains [1]
- providing integration with Microsoft Active Directory [1]
adding
- accounts [1]
- Active Directory Services authentication policies [1]
- Active Directory Services domains [1]
- approved/blocked lists [1]
- bypass/redirect policy entries [1]
- certificate exceptions [1] [2]
- custom pattern for intelligent decryption [1]
- digital certificates [1]
- domain objects [1] [2]
- domains to Active Directory Services [1]
- HTTPS decryption rules [1] [2]
- inactive CA certificates [1]
- local user accounts [1]
- network objects [1] [2]
- policies [1] [2]
- second bypass adapter [1] [2]
- Server IP addresses, domains, URLs, file (SHA1)s to the approved/blocked lists [1]
- static routes [1] [2]
- synchronized suspicious objects to the approved/blocked lists [1]
- trusted CA certificates [1]
- untrusted CA certificates [1]
- widgets to tabs [1]
admin
- default account [1]
administration [1] [2] [3] [4] [5]
- accounts, adding accounts [1]
- accounts, adding local user accounts [1]
- accounts, editing accounts or changing passwords on accounts [1]
- accounts, managing accounts [1]
- accounts, role classifications [1]
- accounts / contacts, overview [1]
- adding Active Directory user accounts for notifications/reports [1]
- admin account [1]
- back up settings [1] [2]
- components [1]
- components updates, rolling back updates [1]
- component updates [1]
- component updates, list of components [1]
- component updates, scheduling updates [1]
- component updates, updating components [1]
- configure integration with Deep Discovery Analyzer [1]
- deployment wizard [1]
- deployment wizard, accessing [1]
- deployment wizard, configuring forward proxy mode [1]
- deployment wizard, configuring LACP deployments [1]
- deployment wizard, configuring multi-bridge mode [1]
- deployment wizard, configuring transparent bridge mode [1]
- deployment wizard, configuring transparent HA mode [1]
- hotfixes [1]
- integrated products/services [1]
- integrated products/services, adding a detection syslog server [1]
- integrated products/services, Apex Central [1]
- integrated products/services, Apex Central tasks [1]
- integrated products/services, configuring threat intelligence sharing settings [1]
- integrated products/services, log settings [1] [2] [3]
- integrated products/services, overview of integration with Apex Central [1]
- integrated products/services, overview of integration with Deep Discovery Director [1]
- integrated products/services, registering Apex Central [1]
- integrated products/services, threat intelligence sharing overview [1]
- integrated products/services, unregistering Apex Central [1]
- integrated products/services, unregistering from Deep Discovery Director [1]
- integrated products/services, viewing Deep Discovery Director integration information [1]
- licenses [1]
- licenses, activating product licenses [1]
- licenses, managing product licenses [1]
- licenses, product license description [1]
- licenses, product license statuses [1]
- licenses, viewing product licenses [1]
- managing contacts [1]
- product updates, hotfixes and patches overview [1]
- product upgrades, firmware upgrades [1]
- product upgrades, managing patches [1]
- reasons to perform backups [1]
- restore settings [1] [2]
- system maintenance [1] [2]
- system maintenance, backing up or restoring a configuration [1]
- system maintenance, bypass/redirect policy priorities and precedence [1]
- system maintenance, configuring bypass/redirect policies [1]
- system maintenance, configuring bypass policies [1]
- system maintenance, configuring debug log level [1]
- system maintenance, configuring redirect policies [1]
- system maintenance, enabling/disabling bypass mode [1]
- system maintenance, exporting and downloading debug files [1]
- system maintenance, exporting debug or error logs [1]
- system maintenance, network packet capture [1] [2]
- system maintenance, network services diagnostics [1]
- system maintenance, storage log deletion settings [1] [2]
- system maintenance, storage maintenance settings [1]
- system maintenance, testing network connections [1]
- system settings [1]
- system settings, adding static routes [1]
- system settings, authentication certificates [1]
- system settings, configuring network settings [1]
- system settings, configuring proxy settings [1]
- system settings, configuring system time [1]
- system settings, managing static routes [1]
- system settings, notification SMTP server [1]
- system settings, X-Header handling [1]
- unable to restore settings [1] [2]
- Virtual Analyzer [1]
- Virtual Analyzer, configuring network connections for [1]
- Virtual Analyzer, deleting images [1]
- Virtual Analyzer, image preparation overview [1]
- Virtual Analyzer, image status and information [1]
- Virtual Analyzer, importing images [1]
- Virtual Analyzer, importing images from HTTP or FTP server [1]
- Virtual Analyzer, importing images from local source [1]
- Virtual Analyzer, modifying instances [1]
- Virtual Analyzer, network types [1]
- Virtual Analyzer, overall statuses [1]
- Virtual Analyzer, suspicious object scanning overview [1] [2]
- Virtual Analyzer, viewing status [1]
- Virtual Analyzer integration with Deep Discovery Analyzer [1]
administrator accounts
- role [1] [2]
admin menu
- changing passwords [1] [2]
advanced detection
- benefits of [1]
advanced filter list
- detected by [1]
advanced filters
- detected by, field in list of [1]
advanced persistent threats
- attach sequence [1]
- information about [1]
- protection against [1]
advanced search filters
- applying saved [1]
- creating and editing [1]
advanced threat detections in specified network groups
- critical alerts [1]
- parameters for alert [1]
Advanced Threat Indicators
- widget [1]
advanced threats
- Advanced Threat Indicators widget [1]
Advanced Threat Scan Engine [1]
- about [1]
agreement
- maintenance [1]
alert rules
- configuring alert notifications [1]
- modifying [1]
- overview [1]
alerts [1]
- adding contacts for receiving [1]
- configuring alert notifications [1]
- contacts for receiving [1]
- critical alerts [1] [2]
- informational and important alerts [1] [2]
- managing triggered [1]
- notification parameters [1]
- notification parameters for critical [1]
- notification parameters for important and informational alerts [1]
- overview [1]
- viewing, deleting, or exporting triggered [1]
- viewing triggered [1]
Android device bypass
- enabling or disabling [1]
Anti-Botnet
- detected by [1]
anti-malware (ATSE)
- detected by [1]
anti-malware (SAL)
- detected by [1]
anti-malware (SIE)
- detected by [1]
Apex Central
- checking connection status [1]
- consideration when used with threat intelligence sharing [1]
- integration with [1]
- managing tasks [1]
- overview [1]
- overview of integration with [1]
- preparing for deployment [1]
- providing synchronized suspicious objects integration with [1]
- registering [1]
- support for synchronizing suspicious objects with [1]
- synchronize suspicious objects [1]
- unregistering [1]
- viewing suspicious objects synchronized from [1]
- what functionality is integrated with [1]
appliance
- setting up for deployment [1]
approved/blocked lists
- adding Server IP addresses, domains, URLS, file (SHA1)s to the [1]
- adding synchronized suspicious objects to the [1]
- managing [1]
- viewing, adding, editing, importing, exporting [1]
approved list
- objects [1]
APT [1]
- See also advanced persistent threats
ATSE [1] [2]
- about [1]
attacker [1]
audit
- viewing audit logs [1]
audit logs
- list of what is audited [1]
- overview [1]
- viewing [1]
authentication
- configuring global settings for Active Directory [1]
- managing domains for Active Directory Services used for [1]
- policies
  - configuring authentication policies for Active Directory Services [1]
- policies,configuring for Active Directory Services [1]
- policies, managing Active Directory Services [1]
- using Active Directory for authentication with Captive Portal [1]
- using Active Directory Services for [1]
authentication certificates
- managing [1] [2]
authentication policies
- adding, viewing, modifying, duplicating, removing, and ordering Active Directory Services [1]
- configuring for Active Directory Services [1]
- enabling or disabling Active Directory Services [1]
- managing Active Directory Services [1]
auto tunneling
- HTTP decryption rules [1]
auto tunnels
- managing in the HTTPS domain tunnel list [1]
backup [1] [2]
backups
- creating to restore configuration or replicate settings across devices [1]
bandwidth
- Bandwidth Status widget [1]
Bandwidth Status
- widget [1]
basic search filters
- detections [1]
benefits
- advanced detection [1]
- description of [1]
- easy-to-use policy management [1]
- flexible deployment [1]
- HTTP/2 scanning [1]
- HTTPS inspection [1]
- patient zero protection [1]
- real-time visibility, analysis, action [1]
- send access syslogs to a syslog server [1]
- Virtual Analyzer sandbox analysis [1]
blocked list
- objects [1]
blocked URLs
- detected by [1]
Bot Pattern [1]
bridge mode
- configuring redirect and bypass policies [1]
browsers
- supported [1] [2]
- supported for deployment [1]
bypass
- policies, configuring [1]
bypass/redirect policies
- viewing, adding, editing, importing/exporting, deleting entries [1]
bypass adapter
- adding second [1] [2]
bypass mode
- enabling or disabling [1]
bypass policies
- configuring [1]
- configuring for bridge mode [1]
- managing [1]
- priorities and precedence [1]
C&C [1]
C&C Callback Detections Over Time
- widget [1]
C&C callbacks
- C&C Callback Detections Over Time widget [1]
- threat indicator [1]
C&C callbacks detected in specified network groups
- critical alerts [1]
- parameters for alert [1]
cables
- requirements [1]
callback [1]
Captive Portal
- configuring global authentication settings for [1]
- global authentication global for [1]
- overview [1]
- using Active Directory Services for authenticating with [1]
capture
- See network packet capture
capturing
- network packet captures [1]
certificate exceptions
- adding/editing [1]
- managing [1]
certificates
- adding/editing certificate exceptions [1]
- importing authentication certificates [1]
- managing certificate exceptions [1]
- managing inactive CA certificates [1]
- managing trusted CA certificates [1]
- managing untrusted CA certificates [1]
changing
- passwords [1] [2]
changing passwords
- on accounts [1]
classifications
- account role [1]
- detected by [1]
CLI [1]
- See also Command Line Interface
clients
- installing the Deep Discovery Web Inspector CA certificate on clients [1]
coin miners detected in specified network groups
- parameters for alert [1]
command-and-control [1]
command line interface
- entering the shell environment [1]
- using to configure management console access [1]
Command Line Interface
- accessing [1]
- using the [1]
components
- list of updateable [1]
- rolling back [1]
- updates [1]
- updating [1]
components updates
- rolling back updates [1]
component update or rollback failed
- important alerts [1]
- parameters for alert [1]
component updates
- administration [1]
- list of updateable components [1]
- updating components [1]
configuration settings
- backup or restore [1]
configuring
- authentication policies for Active Directory Services [1]
- debug log levels [1]
- forward proxy mode using deployment wizard [1]
- global authentication settings [1]
- iOS/Android device bypass [1]
- LACP transparent HA or transparent bridge deployments [1]
- management console access [1]
- multi-bridge mode using deployment wizard [1]
- network settings [1]
- notification SMTP servers [1]
- NTP servers [1]
- proxy settings [1]
- system time [1]
- threat intelligence sharing settings [1]
- transparent bridge mode using deployment wizard [1]
- transparent HA mode using deployment wizard [1]
- using the management console [1]
- X-Header handling settings [1]
connections
- Connection Status widget [1]
connection status
- Apex Central [1]
Connection Status
- widget [1]
considerations
- pre-deployment [1]
console access
- adding accounts for [1]
- using accounts for [1]
console navigation [1]
contacts
- adding for notifications alerts, and reports [1]
- administration [1]
- for receiving alerts and reports [1]
- managing [1]
- using for scheduled reports [1]
content format parameters
- syslog server profile [1]
CPU usage
- Hardware Status widget [1]
creating
- backups for restoring configuration or to replicate settings across devices [1]
critical alerts
- configuring notifications for [1]
- default alert frequency [1]
- default criteria [1]
- information about [1]
- names of [1]
- notification parameters for [1]
- overview [1]
- viewing triggered alerts [1]
CSR
- generating for HTTPS decryption rules [1] [2]
custom network
- configuring for Virtual Analyzer network connections [1]
- Virtual Analyzer network type [1]
custom pattern
- adding for intelligent decryption [1]
dashboard [1]
- adding widgets [1]
- dashboard
  - tabs [1]
- default tabs [1]
- default view [1]
- list of widgets [1]
- managing tabs [1]
- managing widgets [1]
- overview [1]
- System Status tab [1]
- System Status tab, Bandwidth Status widget [1]
- System Status tab, Connection Status widget [1]
- System Status tab, Hardware Status widget [1]
- System Status tab, Traffic Status widget [1]
- tabs [1]
- Threat Monitoring tab [1]
- Threat Monitoring tab, Advanced Threat Indicators widget [1]
- Threat Monitoring tab, C&C Callback Detections Over Time widget [1]
- Threat Monitoring tab, Ransomware Detections Over Time widget [1]
- Threat Monitoring tab, Top Affected Users widget [1]
- Threat Monitoring tab, Top Detected URLs widget [1]
- Threat Monitoring tab, Virtual Analyzer Sandbox Analysis widget [1]
- Virtual Analyzer Status tab, Virtual Analyzer Average Processing Time widget [1]
- Virtual Analyzer Status tab, Virtual Analyzer Queue widget [1]
- Virtual Analyzer tab [1]
- Virtual Analyzer tab, Suspicious Objects from Virtual Analyzer widget [1]
- widgets [1]
date
- manually setting [1]
debug files
- exporting and downloading [1]
debug log levels
- configuring [1]
debug logs
- exporting [1]
decryption categories
- HTTP decryption rules [1]
decryption domain objects
- HTTP decryption rules [1]
decryption rules
- for HTTPS, overview [1]
- viewing HTTPS [1]
decryption sources
- HTTP decryption rules [1]
Deep Discovery Analyzer
- configuring integration with [1]
- integration with [1]
- providing virtual analysis by integration with [1]
- Virtual Analyzer external integration with [1]
- Virtual Analyzer scanning using [1]
Deep Discovery Analyzer integration [1]
Deep Discovery Director
- consideration when used with threat intelligence sharing [1]
- integration with [1]
- overview of integration with [1]
- providing centralized management by integration with [1]
- providing synchronized suspicious objects integration with [1]
- support for synchronizing suspicious objects with [1]
- viewing information about integration with [1]
- viewing suspicious objects synchronized from [1]
Deep Discovery Malware Pattern [1]
Deep Discovery Trusted Certificate Authorities [1]
default
- dashboard view [1]
- widgets displayed in predefined tabs [1]
default account
- admin [1]
default policy
- how it works [1]
- overview [1]
- what you can and cannot do with [1]
delete admin accounts [1]
deleting
- bypass/redirect policies [1]
- certificate exceptions [1]
- digital certificates [1]
- inactive CA certificates [1]
- static routes [1]
- triggered alerts [1]
- trusted CA certificates [1]
- untrusted CA certificates [1]
- Virtual Analyzer images [1]
deleting, editing, adding
- accounts [1]
deploying
- forward proxy mode using deployment wizard [1]
- LACP using deployment wizard [1]
- multi-bridge mode using deployment wizard [1]
- transparent bridge mode using deployment wizard [1]
- transparent HA mode using deployment wizard [1]
deployment [1]
- activating the license [1]
- Apex Central [1]
- benefits of flexible [1]
- browser and system requirements [1]
- deployment mode overview [1]
- enabling and starting SSH service [1]
- forward proxy mode [1]
- initial deployment for LACP [1]
- initial deployment of forward proxy mode [1]
- initial deployment of multi-bridge mode [1]
- initial deployment of transparent bridge mode [1]
- initial deployment of transparent HA mode [1]
- items to prepare [1]
- LACP [1]
- multi-bridge mode [1]
- opening the management console [1]
- ports used by appliance [1]
- recommended network environment [1]
- setting up the appliance [1]
- setting up the hardware [1]
- tasks to perform before [1]
- transparent bridge mode [1] [2]
- transparent bridge mode with trunks [1]
- transparent HA [1]
- transparent HA mode [1]
- transparent HA mode with trunk links [1]
- using CLI to configure management console access [1]
- using the deployment wizard [1]
deployment mode
- forward proxy [1]
- multi-bridge [1]
- transparent bridge [1] [2]
- transparent bridge with trunk links [1]
- transparent bridge with trunks [1]
- transparent HA [1] [2] [3]
- transparent HA with trunk links [1]
- with LACP [1]
deployment modes
- ports used for each mode [1]
deployment wizard
- accessing [1]
- accessing and configuring deployments using the [1]
- configuring forward proxy mode [1]
- configuring LACP deployments [1]
- configuring multi-bridge mode [1]
- configuring transparent bridge mode [1]
- configuring transparent HA mode [1]
- initial deployment for LACP [1]
- initial deployment of forward proxy mode [1]
- initial deployment of multi-bridge mode [1]
- initial deployment of transparent bridge mode [1]
- initial deployment of transparent HA mode [1]
- performing initial deployment [1]
detected by
- advanced filter [1]
- classifications [1]
- classifications for detection [1]
detection [1]
detection details
- investigating [1]
- list of [1]
detection logs
- sending to a syslog server [1]
detections [1]
- advanced filters, detected by [1]
- applying saved advanced search filters [1]
- basic search filters [1]
- creating advanced search filters [1]
- detected by classifications [1]
- editing existing advanced search filters [1]
- investigating details about [1]
- list of detection details [1]
- overview about viewing [1]
- overview about viewing suspicious objects [1]
- risk levels [1] [2]
- suspicious domain objects [1]
- suspicious file objects [1]
- suspicious IP address objects [1]
- suspicious URL objects [1]
- threat indicator classifications [1]
- threat indicators [1]
- viewing all [1]
- viewing file [1]
- viewing for affected users [1]
- viewing synchronized suspicious objects [1]
- viewing URL [1]
- Virtual Analyzer risk levels [1]
detection syslog servers
- adding [1]
diagnostics
- system maintenance, network services diagnostics [1]
digital certificate exceptions
- information about [1]
digital certificates
- information about [1]
- information about trusted, untrusted, inactive, and exception lists [1]
- managing [1]
- managing trusted, untrusted, inactive, exception lists [1]
disabling
- bypass mode [1]
disk usage
- Hardware Status widget [1]
documentation feedback [1]
domain objects
- how used in policies [1]
- managing [1]
- selecting for policies [1]
- viewing, adding, editing, removing, importing, exporting [1]
domains
- adding to Active Directory Services [1]
- enabling authentication using Active Directory Services for added [1]
- managing, for Active Directory Services [1]
- suspicious objects found by Virtual Analyzer [1]
domain tunnels
- purpose for HTTPS [1]
download and view
- threat intelligence data file [1]
Download Center
- downloading firmware [1]
- downloading patches and hotfixes [1]
- URL [1] [2]
downloader [1]
downloading
- debug files [1]
- network packet captures [1]
- patches and hotfixes [1]
duplicating
- Active Directory Services authentication policies [1]
- HTTPS decryption rules [1]
- policies [1]
edit admin account [1]
editing
- accounts [1]
- approved/blocked lists [1]
- bypass/redirect policies [1]
- certificate exceptions [1] [2]
- domain objects [1] [2]
- HTTPS decryption rules [1] [2]
- network objects [1] [2]
- notifications [1] [2]
enabling
- authentication using Active Directory Services [1]
- bypass mode [1]
enabling and starting
- SSH service [1]
enabling or disabling
- HTTPS decryption rules [1]
- policies [1]
entering
- Command Line Interface [1]
error codes
- HTTPS, why HTTPS domain tunnels are created in response to [1]
error logs
- exporting [1]
Ethernet cables
- requirements [1]
exceptions
- digital certificates [1]
- digital certificates, information about [1]
- viewing HTTPS tunnel [1]
exfiltrate [1]
expiration date
- finding in license description [1]
exporting
- approved/blocked lists [1]
- bypass/redirect policies [1]
- debug files [1]
- domain objects [1]
- network objects [1]
- triggered alerts [1]
export settings [1]
external integration
- Virtual Analyzer with Deep Discovery Analyzer [1]
features
- Active Directory Services, providing integration with Microsoft Active Directory [1]
- advanced detection [1]
- description of [1]
- easy-to-use policy management [1]
- flexible deployment [1]
- HTTP/2 scanning [1]
- HTTPS inspection [1]
- integration with Apex Central [1]
- integration with Deep Discovery Analyzer [1]
- integration with Deep Discovery Director [1]
- patient zero protection [1]
- real-time visibility, analysis, action [1]
- send access syslogs to a syslog server [1]
- Virtual Analyzer sandbox analysis [1]
files
- suspicious objects found by Virtual Analyzer [1]
- viewing detections [1]
file types
- how used in policies [1]
- policies, list when creating [1]
- selecting for policies [1]
firmware
- downloading and updating [1]
firmware version
- use about screen to view [1]
forward proxy
- deployment mode, topology overview [1]
- mode overview [1]
- requirements [1]
forward proxy mode
- accessing the deployment wizard to deploy [1]
- configuring using deployment wizard [1]
- initial configuration using the deployment wizard [1]
- initial deployment using deployment wizard [1]
- using the deployment wizard to deploy [1]
FTP servers
- importing Virtual Analyzer images from [1]
generating
- CSR for HTTPS decryption rules [1] [2]
- on-demand reports [1]
getting started [1]
- console navigation [1]
- getting started tasks [1]
- opening the management console [1]
- tasks [1]
guest user
- selecting as traffic source for policies [1]
hardware
- Hardware Status widget [1]
- setting up for deployment [1]
Hardware Status
- widget [1]
high CPU usage
- important alerts [1]
- parameters for alert [1]
high memory usage
- important alerts [1]
- parameters for alert [1]
hotfixes
- managing [1]
hot fixes
- overview [1]
HTTP/2 scanning
- benefits [1]
HTTP decryption rules
- generating an CSR for [1]
HTTPS
- overview of decryption rules for [1]
HTTPS decryption rules
- managing [1]
- overview [1]
- viewing [1]
- viewing, adding, editing, duplicating, removing, ordering, creating CSR file for [1]
HTTPS domain tunnels
- definition [1]
- exception list [1]
- managing [1]
- overview [1]
- purpose for [1]
- tunneled domains List [1]
- viewing [1]
HTTPS error codes
- why HTTPS domain tunnels are created in response to [1]
HTTP servers
- importing Virtual Analyzer images from [1]
HTTPS inspection
- benefits and features [1]
- configuring HTTPS decryption rules [1]
- managing [1]
- managing digital certificates [1]
- managing HTTPS tunnels [1]
- managing intelligent decryption [1]
- overview [1] [2]
HTTPS Inspection
- adding custom pattern for intelligent decryption [1]
- managing intelligent decryption [1]
- overview of HTTPS domain tunnels [1]
- viewing information about tunnels [1]
HTTPS policy certificates
- using as the authentication certificate [1]
HTTPS tunnel exceptions
- viewing [1]
HTTPS tunnels
- exception list [1]
- managing [1]
- overview [1]
- tunneled domains List [1]
image import tool
- Virtual Analyzer, using to import from local source [1]
image preparation
- Virtual Analyzer, overview of [1]
image preparation tool
- Virtual Analyzer, overview of [1]
images
- importing for internal virtual analyzer [1]
- viewing status for Virtual Analyzer [1]
- Virtual Analyzer, deleting [1]
- Virtual Analyzer, importing [1]
- Virtual Analyzer, importing from HTTP or FTP server [1]
- Virtual Analyzer, importing from local source [1]
- Virtual Analyzer, names of [1]
- Virtual Analyzer scanning using [1]
important alerts
- configuring notifications for [1]
- default alert frequency [1]
- default criteria [1]
- information about [1]
- names of [1]
- notification parameters for [1]
- overview [1]
- viewing triggered alerts [1]
importing
- approved/blocked lists [1]
- bypass/redirect policies [1]
- domain objects [1]
- internal virtual analyzer images [1]
- network objects [1]
- Virtual Analyzer images [1]
- Virtual Analyzer images from HTTP or FTP server [1]
- Virtual Analyzer images from local source [1]
importing certificates
- HTTP decryption rules [1]
import settings [1]
inactive
- digital certificates [1]
- digital certificates, information about [1]
inactive CA certificates
- managing [1]
information about
- digital certificates [1]
informational alerts
- configuring notifications for [1]
- default alert frequency [1]
- default criteria [1]
- information about [1]
- names of [1]
- notification parameters for [1]
- overview [1]
- viewing triggered alerts [1]
initial deployment
- using the deployment wizard [1]
installation
- getting started [1]
installing
- firmware upgrades [1]
- patches and hotfixes [1]
instances
- number deployed for Virtual Analyzer images [1]
- Virtual Analyzer, modifying [1]
integrated products/services
- adding a detection syslog server [1]
- administration of [1]
- Apex Central, managing tasks [1]
- Apex Central, overview [1]
- configuring threat intelligence sharing settings [1]
- log settings, configuring a detection syslog server [1]
- overview of integration with Apex Central [1]
- overview of integration with Deep Discovery Director [1]
- registering Apex Central [1]
- threat intelligence sharing overview [1]
- unregistering Apex Central [1]
- unregistering from Deep Discovery Director [1]
- viewing information about Deep Discovery Director integration [1]
integration [1]
- with Apex Central [1]
- with Deep Discovery Analyzer [1]
- with Deep Discovery Director [1]
- with Microsoft Active Directory with Active Directory Services [1]
intelligent decryption
- adding custom pattern for [1]
- HTTP decryption rules [1]
- managing [1]
- overview [1]
IntelliTrap Exception Pattern [1]
IntelliTrap Pattern [1]
internal virtual analyzer
- importing images [1]
introduction [1]
- Deep Discovery Web Inspector [1]
- new threat landscapes [1]
investigating
- details about a detection [1]
iOS device bypass
- enabling or disabling [1]
IP addresses
- requirements [1]
- suspicious objects found by Virtual Analyzer [1]
LACP
- adding second bypass adapter for [1] [2]
- configuring transparent bridge using deployment wizard [1]
- configuring transparent HA using deployment wizard [1]
- deployment modes that support [1]
- graphical representation of LCAP on appliance [1]
- how LCAP works with Deep Discovery Web Inspector [1]
- initial configuration using the deployment wizard [1]
- initial deployment of transparent bridge mode with [1]
- initial deployment using deployment wizard [1]
- support information [1]
- topology and overview [1]
- transparent bridge with trunks, mode overview [1]
- transparent HA mode topology using LACP trunks [1]
LACP deployments
- deployment mode, topology overview [1]
- overview and topology [1]
license
- activating during deployment [1]
license expiration
- critical alerts [1]
- parameters for alert [1]
licenses
- activating product [1]
- activation codes [1]
- maintaining [1]
- maintenance agreement [1]
- managing product [1]
- product license description [1]
- product license statuses [1]
- viewing product [1]
license type and seats
- finding in license description [1]
Link Aggregation Control Protocol
- See LACP
list
- of license statuses [1]
- of notification message tokens [1]
- of user notifications [1]
lists
- approved/blocked [1]
local or network folders
- importing Virtual Analyzer images from [1]
local user accounts
- adding for console access [1]
logs
- audit logs [1]
- configuring log deletion settings for storage maintenance [1]
- exporting debug or error [1]
- viewing audit logs [1]
log settings
- configuring for detection syslog server [1]
- to send access logs to a syslog server [1]
- to send detection violation logs to a syslog server [1]
low free disk space
- important alerts [1]
- parameters for alert [1]
maintenance
- agreement [1]
- for licensed products [1]
- maintenance agreement [1]
- product licenses [1]
- storage, configuring log deletion settings [1]
maintenance agreement [1]
Maintenance Agreement
- about [1]
- expiration [1]
- renewal [1]
management
- Virtual Analyzer [1]
management console
- navigation [1]
- opening the [1]
- using the CLI to configure [1]
management network
- configuring for Virtual Analyzer network connections [1]
- Virtual Analyzer network type [1]
management port [1]
managing
- accounts [1]
- Active Directory Services authentication policies [1]
- Apex Central tasks [1]
- approved/blocked lists [1]
- authentication certificates [1]
- bypass/redirect policies [1]
- certificate exceptions [1]
- contacts [1]
- dashboard tabs [1]
- dashboard widgets [1]
- digital certificates [1]
- domain objects [1]
- domains for Active Directory Services [1]
- HTTPS decryption rules [1]
- HTTPS domain tunnels [1]
- HTTPS inspection [1]
- HTTPS tunnels [1]
- inactive CA certificates [1]
- intelligent decryption [1]
- network objects [1]
- notifications [1] [2]
- policies [1]
- product licenses [1]
- static routes [1]
- triggered alerts [1]
- trusted CA certificates [1]
- untrusted CA certificates [1]
- user-defined settings [1]
- using the management console [1]
maximum throughput
- expected for each appliance model [1]
memory usage
- Hardware Status widget [1]
Microsoft Active Directory [1]
- See also Active Directory
modifying
- Active Directory Services authentication policies [1]
- Active Directory Services domains [1]
- alert rules [1]
- policies [1]
- Virtual Analyzer instances [1]
moving
- digital certificates [1]
- inactive CA certificates [1]
- trusted CA certificates [1]
- untrusted CA certificates [1]
multi-bride mode
- adding second bypass adapter for [1] [2]
multi-bridge
- deployment mode, topology overview [1]
- mode overview [1]
multi-bridge mode
- configuring using deployment wizard [1]
- initial configuration using the deployment wizard [1]
- initial deployment using deployment wizard [1]
navigating
- management console [1]
network
- services diagnostics, system maintenance [1]
network connections
- configuring for Virtual Analyzer [1]
Network Content Correlation Pattern [1]
Network Content Inspection Engine (Linux, User mode, 64-bit) [1]
Network Content Inspection Pattern [1]
network environment
- recommended [1]
network is down
- critical alerts [1]
- parameters for alert [1]
network is up
- important alerts [1]
- parameters for alert [1]
network objects
- managing [1]
- selecting as traffic sources for policies [1]
- viewing, adding, editing, importing/exporting, removing [1]
network packet capture
- system maintenance [1]
network packet captures
- capturing and downloading [1]
network services diagnostics
- system maintenance [1]
network setting
- ports used for each deployment mode [1]
network settings
- configuring [1]
network topology
- forward proxy mode [1]
- LACP [1]
- multi-bridge mode [1]
- overview of deployment modes [1]
- transparent bridge [1]
- transparent bridge mode [1] [2]
- transparent bridge mode with trunk links [1]
- transparent bridge mode with trunks [1]
- transparent HA [1]
- transparent HA mode [1]
- transparent HA mode with trunk links [1] [2]
network topology with LACP
- deployments [1]
network topology with trunk links
- transparent HA mode [1]
network topology with trunks
- transparent bridge [1]
network types
- Virtual Analyzer [1]
- Virtual Analyzer, custom network, management network, no access [1]
new features and enhancements [1] [2]
no access
- Virtual Analyzer network type [1]
no network access
- configuring for Virtual Analyzer network connections [1]
notifications
- adding Active Directory users for [1]
- adding contacts for receiving [1]
- configuring for alert rules [1]
- configuring SMTP server for [1]
- editing [1]
- list of message tokens [1]
- list of user [1]
- managing [1]
- parameters for alert [1]
- parameters for critical alerts [1]
- parameters for important and informational alerts [1]
- viewing and editing [1]
NTP servers
- configuring [1]
objects
- investigating detection details about [1]
- list of detection details [1]
on demand
- reports [1]
on-demand
- reports [1]
on-demand reports [1]
opening
- management console [1]
operator accounts
- role [1] [2]
ordering
- Active Directory Services authentication policies [1]
- HTTPS decryption rules [1]
- policies [1]
other
- detected by [1]
overall
- statuses, Virtual Analyzer [1]
overview
- about viewing detections [1]
- audit logs [1]
- authentication using Captive Portal [1]
- Deep Discovery Web Inspector [1]
- default policy [1]
- detection risk levels [1]
- domain objects [1]
- features and benefits [1]
- hotfixes and patches [1]
- how patient zero protection works [1]
- HTTPS decryption rules [1]
- HTTPS domain tunnels [1] [2]
- HTTPS inspection [1]
- HTTPS tunnels [1]
- intelligent decryption [1]
- network objects [1]
- of integration with Apex Central [1]
- of integration with Deep Discovery Director [1]
- policies [1] [2]
- threat intelligence sharing [1]
- viewing suspicious objects [1]
- Virtual Analyzer, image preparation [1]
packet capture
- See network packet capture
parameters
- critical alerts [1]
- for alert notifications [1]
- for important and informational alerts [1]
- for syslog server profile, content format [1]
passwords
- changing [1] [2]
- changing when editing account settings [1]
patches
- managing [1]
- overview [1]
patient zero
- See patient zero protection
patient zero protection
- benefits of [1]
- definition [1]
- how it works [1]
- sandbox analysis, how it works with [1]
- Virtual Analyzer, how it works with [1]
Patient Zero Protection
- enabling for policies [1]
pattern
- adding custom pattern for intelligent decryption [1]
policies
- adding [1]
- adding, viewing, modifying, duplicating, removing, and ordering [1]
- benefit of enabling patient zero protection [1]
- bypass/redirect, priorities and precedence [1]
- configuring bypass [1] [2]
- configuring bypass/redirect [1]
- configuring iOS/Android device bypass [1]
- configuring redirect [1] [2]
- default policy [1] [2] [3]
- enabling or disabling [1] [2]
- enabling Patient Zero Protection [1]
- how exception lists are used [1]
- how they work [1]
- managing [1]
- managing Active Directory Services authentication [1]
- managing bypass/redirect [1]
- overview [1]
- traffic source exceptions [1]
- viewing [1]
- what it means to enable patient zero protection [1]
- what you can do from the policy menu [1]
policy [1]
- overview [1]
policy management
- benefits of easy-to-use [1]
policy rules
- See policies
ports [1]
- used by appliance [1]
- used for each deployment mode [1]
pre-deployment
- Apex Central [1]
- browser and system requirements [1]
- considerations [1]
- deployment mode overview [1]
- enabling and starting SSH service [1]
- items to prepare [1] [2]
- ports used by appliance [1]
- recommended network environment [1]
- tasks [1]
Predictive Machine Learning
- detected by [1]
Predictive Machine Learning Pattern [1]
Predictive Web Pre-Filter Pattern [1]
preparing
- for deployment, Apex Central [1]
- for deployment, ports used by appliance [1]
- items for deployment [1]
preparing for deployment [1]
product
- license description [1]
- license statuses [1]
product license [1]
product updates
- hotfixes and patches overview [1]
product upgrades
- managing patches [1]
- updating firmware [1]
protocols
- Bandwidth Status widget [1]
- Connection Status widget [1]
- Traffic Status widget [1]
proxy setting
- what is affected by [1]
proxy settings
- configuring [1]
queue
- Virtual Analyzer Queue widget [1]
ransomware
- Ransomware Detections Over Time widget [1]
- threat indicator [1]
ransomware detected in specified network groups
- critical alerts [1]
- parameters for alert [1]
RAT [1]
recipients
- for on-demand reports [1]
- for scheduled reports [1]
- managing [1]
recommendations
- network environment [1]
redirect
- policies, configuring [1]
redirect policies
- configuring [1]
- configuring for bridge mode [1]
- managing [1]
- priorities and precedence [1]
registering
- Apex Central [1]
removing
- Active Directory Services authentication policies [1]
- Active Directory Services domains [1]
- domain objects [1]
- HTTPS decryption rules [1]
- network objects [1]
- policies [1]
replicate settings
- across devices using backups [1]
reports [1]
- adding Active Directory users for [1]
- adding contacts for receiving [1]
- contacts for receiving [1]
- on demand [1] [2]
- on-demand reports [1]
- scheduled reports [1]
- scheduling [1]
- time intervals for scheduled reports [1]
required tasks
- you must perform to get started [1]
requirements
- deployment [1]
- enabling and starting SSH service [1]
- multi-bridge [1]
- pre-deployment [1]
- SSH access [1]
- transparent bridge with trunk links [1]
- transparent HA [1]
resetting
- notifications to default [1]
resetting to default
- notifications [1]
restore [1] [2]
restoring configuration
- using backups [1]
risk levels [1]
- how assessed [1]
- overview [1]
- Virtual Analyzer [1]
role-based access
- adding accounts for [1]
roles
- classifications for accounts [1]
rollback
- components [1]
rolling back
- hotfixes and patches [1]
sandbox analysis
- benefits of [1]
sandbox images
- viewing status for Virtual Analyzer [1]
- Virtual Analyzer, deleting [1]
- Virtual Analyzer, importing [1]
- Virtual Analyzer, importing from HTTP or FTP server [1]
- Virtual Analyzer, importing from local source [1]
- Virtual Analyzer, names of [1]
- Virtual Analyzer, preparation of [1]
- Virtual Analyzer scanning using [1]
scanning
- suspicious objects by Virtual Analyzer [1] [2]
scheduled reports [1]
- scheduling [1]
schedule updates [1]
scheduling
- reports [1]
Script Analyzer Pattern [1]
search filters
- advanced, applying a saved filter [1]
- advanced, creating and editing [1]
- detections, basic [1] [2]
security patches
- overview [1]
services
- adding domains to Active Directory Services [1]
- affected by proxy settings [1]
- authentication using Active Directory Services [1]
service stopped/abnormal
- critical alerts [1]
- parameters for alert [1]
settings
- managing user-defined [1]
setting up
- hardware for deployment [1]
shell environment [1]
smart protection [1]
- Web Reputation Services [1]
Smart Scan Agent Pattern [1]
SMTP
- notification server, configuring [1]
Spyware/Grayware Pattern [1]
SSH
- enabling and starting service [1]
- requirements for access using [1]
SSH service
- enabling and starting [1]
starting
- SSH service [1]
static routes
- adding [1]
- adding, viewing, or deleting [1]
- managing [1]
statuses
- license [1]
- viewing information about Deep Discovery Directory integration [1]
- Virtual Analyzer, for each image [1]
- Virtual Analyzer, list of overall [1]
- Virtual Analyzer, viewing [1]
storage logs
- configuring for deletion settings for [1]
storage maintenance
- configuring log deletion settings [1]
support
- how LACP works with Deep Discovery Web Inspector [1]
- resolve issues faster [1]
suspicious
- domain objects [1]
suspicious documents
- threat indicator [1]
suspicious file
- objects [1]
suspicious IP address
- objects [1]
suspicious malware
- threat indicator [1]
suspicious objects
- domains [1]
- file [1]
- investigating detection details [1]
- IP addresses [1]
- list of detection details [1]
- overview about viewing [1]
- patient zero protection with Virtual Analyzer [1]
- support for synchronizing with Apex Central [1]
- support for synchronizing with Deep Discovery Director [1]
- Suspicious Objects from Virtual Analyzer widget [1]
- synchronize with Apex Central [1]
- URLs [1]
- viewing synchronized suspicious objects [1]
- Virtual Analyzer scanning of [1] [2]
suspicious objects analysis (Virtual Analyzer)
- detected by [1]
suspicious objects filtering (Virtual Analyzer)
- detected by [1]
Suspicious Objects from Virtual Analyzer
- widget [1]
suspicious scripts
- threat indicator [1]
suspicious URL
- objects [1]
- threat indicator [1]
synchronize
- suspicious objects using Apex Central [1]
synchronized suspicious objects
- synchronized from Apex Central [1]
- synchronized from Deep Discovery Director [1]
synchronizing
- Active Directory Services domains [1]
- suspicious objects with Apex Central [1]
- suspicious objects with Deep Discovery Director [1]
syslog server
- sending access logs to a [1]
- sending detection violation logs to a [1]
syslog server profile
- content format parameters [1]
syslog servers
- adding detection [1]
system maintenance
- administration [1]
- backing up or restoring a configuration [1]
- bypass/redirect policy priorities and precedence [1]
- configuring bypass/redirect policies [1]
- configuring bypass policies [1]
- configuring debug log levels [1]
- configuring redirect policies [1]
- configuring storage log deletion settings [1]
- enabling/disabling bypass mode [1]
- exporting and downloading debug files [1]
- exporting debug or error logs [1]
- network packet capture [1] [2]
- network services diagnostics [1]
- testing network connections [1]
system requirements
- deployment [1]
- enabling and starting SSH service [1]
- pre-deployment [1]
system settings
- adding static routes [1]
- configuring network settings [1]
- configuring notification SMTP server [1]
- configuring proxy settings [1]
- configuring system time [1]
- configuring X-Header handling settings [1]
- list of what is configured in [1]
- managing authentication certificates [1]
- managing static routes [1]
System Status
- dashboard tab [1]
System Status tab
- Bandwidth Status widget [1]
- Connection Status widget [1]
- Hardware Status widget [1]
- Traffic Status widget [1]
system time
- configuring [1]
tab
- System Status [1]
- Threat Monitoring [1]
- Virtual Analyzer [1]
tabs [1]
- adding widgets to [1]
- settings [1]
- System Status tab [1]
- tasks [1]
- Threat Monitoring tab [1]
- Virtual Analyzer tab [1]
tasks
- additional, you must perform to get started [1]
- getting started [1]
- pre-deployment [1]
- tabs [1]
threat indicators
- classifications for detection [1]
- detection [1]
threat intelligence data file
- download and view [1]
threat intelligence sharing
- consideration when used with Apex Central [1]
- consideration when used with Deep Discovery Director [1]
- overview [1]
threat intelligence sharing settings
- configuring [1]
threat landscapes
- introduction [1]
Threat Monitoring
- dashboard tab [1]
Threat Monitoring tab
- Advanced Threat Indicators widget [1]
- C&C Callback Detections Over Time widget [1]
- Ransomware Detections Over Time widget [1]
- Top Affected Users widget [1]
- Top Detected URLs widget [1]
- Virtual Analyzer Sandbox Analysis widget [1]
throughput
- maximum expected for each appliance model [1]
time
- manually setting [1]
timezone
- configuring [1]
tokens
- notification, list of [1]
Top Affected Users
- widget [1]
Top Detected URLs
- widget [1]
topology
- transparent bridge [1]
- transparent bridge with trunk links [1]
traffic
- Traffic Status widget [1]
traffic source exceptions
- policies [1]
traffic sources
- how used in policies [1]
- selecting for policies [1]
Traffic Status
- widget [1]
transparent bridge
- deployment mode, topology overview [1]
- mode overview [1]
- overview [1]
- requirements [1]
- with trunks, mode overview [1]
- with trunks, overview [1]
transparent bridge mode
- accessing the deployment wizard to deploy [1]
- configuring using deployment wizard [1]
- initial configuration using the deployment wizard [1]
- initial deployment using deployment wizard [1]
- using the deployment wizard to deploy [1]
transparent bridge mode with LACP
- adding second bypass adapter for [1] [2]
transparent bridge with trunk links
- mode overview [1]
transparent bridge with trunks
- mode overview [1]
transparent HA
- deployment mode, topology overview [1]
- mode overview [1] [2]
- requirements [1]
- with trunk links, mode overview [1]
transparent HA mode
- configuring using deployment wizard [1]
- initial configuration using the deployment wizard [1]
- initial deployment using deployment wizard [1]
- multi-bridge mode
  - using the deployment wizard to deploy [1]
- network topology [1]
- using the deployment wizard to deploy [1]
- with trunk links, network topology [1]
transparent HA mode with LACP
- adding second bypass adapter for [1] [2]
transparent HA with trunk links
- mode overview [1] [2] [3]
triggered alerts
- managing [1]
- overview [1]
- viewing [1]
- viewing, deleting, or exporting [1]
true file type
- detected by [1]
trusted
- digital certificates [1]
- digital certificates, information about [1]
trusted CA certificates
- managing [1]
tunnels
- purpose for HTTPS domain [1]
- viewing HTTPS [1]
unregistering
- Apex Central [1]
untrusted
- digital certificates [1]
- digital certificates, information about [1]
untrusted CA certificates
- managing [1]
untrusted server certificate
- detected by [1]
update/rollback successfully completed
- informational alerts [1]
- parameters for alert [1]
updateable components
- list of [1]
updating
- components [1]
- firmware [1]
URL filtering
- detected by [1]
URL Filtering Engine [1]
URLs
- suspicious objects found by Virtual Analyzer [1]
- Top Detected URLs widget [1]
- viewing detections [1]
user
- notifications, list of [1]
user defined settings
- overview [1]
user-defined settings
- managing [1]
- managing approved/blocked lists [1]
- managing domain objects [1]
- managing network objects [1]
- managing notifications [1]
user notifications
- list of [1]
- list of message tokens [1]
users
- Top Affected Users widget [1]
- viewing detections for affected [1]
users and groups
- selecting as traffic sources for policies [1]
using
- Command Line Interface [1]
utilization
- Virtual Analyzer images [1]
version
- finding in license description [1] [2]
viewing
- Active Directory Services authentication policies [1]
- Active Directory Services domains [1]
- all detections [1]
- all detections with search filters [1]
- approved/blocked lists [1]
- audit logs [1]
- bypass/redirect policies [1]
- certificate exceptions [1]
- detections for affected users [1]
- detections for files [1]
- detections for URLs [1]
- detection viewing overview [1]
- digital certificates [1]
- domain objects [1]
- HTTPS decryption rules [1] [2]
- HTTPS domain tunnels [1]
- HTTPS tunnel exceptions [1]
- inactive CA certificates [1]
- information about CA used to resign [1]
- network objects [1]
- notifications [1]
- policies [1] [2]
- product information using about screen [1]
- product licenses [1]
- suspicious objects, overview [1]
- synchronized suspicious objects [1]
- triggered alerts [1]
- trusted CA certificates [1]
- untrusted CA certificates [1]
- Virtual Analyzer status [1]
violation logs
- sending to a syslog server [1]
virtual analyzer
- importing images for internal [1]
Virtual Analyzer
- administration [1]
- benefit of enabling patient zero protection [1]
- benefits of sandbox analysis [1]
- configuring network settings for [1]
- dashboard tab [1]
- deleting images [1]
- detections of suspicious objects [1]
- external integration with Deep Discovery Analyzer [1]
- image preparation overview [1] [2]
- image status and information [1]
- importing images [1]
- importing images from HTTP or FTP server [1]
- importing images from local source [1]
- integration with Deep Discovery Analyzer [1]
- management [1]
- modifying instances [1]
- network types [1]
- overall statuses [1]
- patient zero protection during sandbox analysis [1]
- risk levels [1]
- suspicious domain objects found by [1]
- suspicious file objects found by [1]
- suspicious IP address objects found by [1]
- suspicious object scanning overview [1] [2]
- suspicious URL objects found by [1]
- viewing image information [1]
- viewing status [1]
- Virtual Analyzer Average Processing Time widget [1]
- Virtual Analyzer Queue widget [1]
- Virtual Analyzer Sandbox Analysis widget [1]
Virtual Analyzer Average Processing Time
- widget [1]
Virtual Analyzer Configuration Pattern [1]
Virtual Analyzer Queue
- widget [1]
Virtual Analyzer Sandbox Analysis
- widget [1]
Virtual Analyzer Sensors [1]
Virtual Analyzer Status tab
- Suspicious Objects from Virtual Analyze widget [1]
- Virtual Analyzer Average Processing Time widget [1]
- Virtual Analyzer Queue widget [1]
VSAPI [1]
web reputation [1]
web reputation service
- detected by [1]
widgets [1] [2]
- adding to tabs [1]
- Advanced Threat Indicators widget [1]
- Bandwidth Status widget [1]
- C&C Callback Detections Over Time widget [1]
- Connection Status widget [1]
- displayed by default [1]
- Hardware Status widget [1]
- in System Status tab [1]
- in Threat Monitoring tab [1]
- in Virtual Analyzer tab [1]
- list of [1]
- managing [1]
- Ransomware Detections Over Time [1]
- Ransomware Detections Over Time widget [1]
- Suspicious Objects from Virtual Analyzer widget [1]
- system status
  - Bandwidth Status [1]
  - Traffic Status [1]
- System Status tab
  - Connection Status widget [1]
  - Hardware Status widget [1]
- tasks you can perform on [1]
- Threat Monitoring tab
  - Advanced Threat Indicators widget [1]
  - C&C Callback Detections Over Time widget [1]
  - Ransomware Detections Over Time widget [1]
  - Top Affected Users widget [1]
  - Top Detected URLs widget [1]
  - Virtual Analyzer Sandbox Analysis widget [1]
- Top Affected Users [1]
- Top Detected URLs widget [1]
- Traffic Status widget [1]
- Virtual Analyzer Average Processing Time widget [1]
- Virtual Analyzer Queue widget [1]
- Virtual Analyzer Sandbox Analysis widget [1]
- Virtual Analyzer Status tab
  - Suspicious Objects from Virtual Analyzer widget [1]
  - Virtual Analyzer Average Processing Time widget [1]
  - Virtual Analyzer Queue widget [1]
Windows Servers
- supported for configuring Active Directory Services [1]
X-Authenticated-User settings
- configuring [1]
XFF settings
- configuring [1]
X-Forwarded-For settings
- configuring [1]
X-Header handling settings
- configuring [1]

Configuring X-Header Handling Settings

You can configure how Deep Discovery Web Inspector manages X-Header settings for the X-Forwarded-For and X-Authenticated-User fields.

Note

X-Header settings are supported for all deployment modes.

Procedure

Go to Administration → System Settings → X-Header Handling.
Enable or disable X-Forwarded-For Parsing .

If this option is enabled, when Deep Discovery Web Inspector gets the X-Forwarded-For from the user request, Deep Discovery Web Inspector uses the first address of the resolved X-Forwarded-For instead of the IP address of the TCP connection to do authentication, decryption, scanning, and logging.

Specify the X-Header handling settings for X-Forwarded-For and X-Authenticated-User.

Option

Description

Keep

Retain the information found in the X-Forwarded-For or X-Authenticated-User fields.

Remove

Remove the specified field.

Add

Retain the specified field and additionally:

For X-Forwarded-For, append the proxy IP to the field.

For X-Authenticated-User, append the user info to the field.

Note

The appended user information is added in the following format: [DOMAIN]\[USERNAME]

Click Save.

Deep Discovery Web Inspector Online Help