Note: This topic applies to the Edinburgh Release.
Secure Global Proxy is a feature of the Smoothwall firewall products allowing direct connection to the Guardian web filter, through external interfaces, for remote devices.
Since this feature allows the web filter to be exposed as a public facing service, there is an additional layer of certificate security to reduce any potential risk from malicious abuse.
Secure Global Proxy uses NTLM authentication, and allows remote access to the web filter for iOS devices (via iOS Global HTTP Proxy), Android tablets, Chromebook, Windows and OSX laptops.
With Secure Global Proxy, users are expected to be authenticated via NTLM. As an additional layer of security, devices can be required to present a client-side certificate for validation. This ensures only valid devices are permitted through the firewall to the network. The client-side certificate must be deployed to all devices, irrespective of operating system. Devices presenting an invalid certificate, or none, will be blocked.
Note: The home page of the device’s browser must be set to the external IP address of your Smoothwall System and port
https to validate the certificate before web traffic is allowed through, such as:
The client-side certificate is downloadable from the Smoothwall System. It has a blank password, and is in
PKCS#12 format which is supported by the majority of browsers.
However, iOS operating systems do require a password on the certificate, which you must configure separately. For more information, see Uploading the Client-Side Certificate.
Secure Global Proxy supports the following operating systems on devices:
|•||Running Jellybean (4.3), KitKat (4.4), or above|
|•||For more information, see Redirecting Android Devices’ Web Traffic|
|•||Running iOS 7.1, or above|
|•||For more information, see Redirecting iOS Devices’Web Traffic|
|•||Most mainstream browsers which support NTLM authentication|
|•||For more information, see Redirecting Computers’Web Traffic|
|•||For more information, see Redirecting Chromebooks’ Web Traffic|