About the global proxy
The global proxy allows a direct connection to the Smoothwall Filter through external interfaces for remote devices. To reduce any potential risk from malicious abuse, because this feature means that the Smoothwall Filter can be accessed as a public facing service, there's an additional layer of certificate security. The global proxy uses NTLM authentication and allows remote access to the Smoothwall Filter for iOS devices (via iOS Global HTTP Proxy), Android tablets, Chromebook, Windows and OSX laptops. You can configure and view settings for the secure global proxy.
The global proxy supports the following operating systems on devices:
|Android devices||Running Jellybean (4.3), KitKat (4.4), or higher, see our knowledge base article, Redirecting Android Device Web Traffic to Use Global Proxy|
|iOS devices||Running iOS 7.1, or higher, see our knowledge base article, Redirecting iOS-Based Devices’ Web Traffic.|
|Desktops||Most mainstream browsers that support NTLM authentication, see our knowledge base article, Redirecting Windows-Based Devices' Web Traffic.|
|Google Chromebooks||See our knowledge base article, Redirecting Chromebook-Based Devices' Web Traffic.|
Preparing your Smoothwall
Before configuring your Global Proxy clients and devices to proxy through the Smoothwall, you must do the following:
Adding Smoothwall Interfaces
You must make sure that your Smoothwall has at least one internal, and one external interface configured, see our help topic, Adding new interface connections.
Adding an Active Directory Connection
Global Proxy needs users to be authenticated via NTLM. Therefore, you must set up your Smoothwall to use Active Directory, see our help topic, Managing directories.
Creating an NTLM Authentication Policy
Users using Global Proxy must be authenticated using NTLM, providing at least one layer of protection between the user, and the proxy server and service. You must set up your Smoothwall with the correct NTLM authentication policy, see our help topic, Creating an NTLM authentication policy.
Creating Your Own Block Page
External devices that have been redirected to Global Proxy can't access the block page configured on your Smoothwall fully. We recommend that you create an additional plain text block page and upload it to your Smoothwall. You can then create a block page policy for users of the Global Proxy using NTLM method.
Tip: To use graphics on your Global Proxy policy block page, you must host these on a server that can be access externally, using image tags and style sheets that can be accessed publicly. Refer to your Smoothwall representative.
Recognizing Global Proxy Clients and Devices
You must configure the Smoothwall to instruct it how to recognize connecting clients and devices as Global Proxy ones, see our help topic, Identifying global proxy clients and devices.