The http alg – Amer Networks E5Web GUI User Manual

Maximum Connection Sessions

The service associated with an ALG has a configurable parameter called Max Sessions,
and the default value varies according to the type of ALG. For instance, the default value
for the HTTP ALG is 1000. This means that 1000 connections are allowed in total for the HTTP
service across all interfaces. The full list of default maximum session values is:

HTTP ALG - 1000 sessions.

FTP ALG - 200 sessions.

TFTP ALG - 200 sessions.

SMTP ALG - 200 sessions.

POP3 ALG - 200 sessions.

H.323 ALG - 100 sessions.

SIP ALG - 200 sessions.

Tip: Maximum sessions for HTTP can sometimes be too low

The default value of the maximum sessions can often be too low for HTTP if there are
a large number of clients connecting through the Clavister Security Gateway. It is
therefore recommended to consider using a higher value in such circumstances.

6.2.2. The HTTP ALG

Hyper Text Transfer Protocol (HTTP) is the primary protocol used to access the World Wide Web
(WWW). It is a connectionless, stateless, application layer protocol based on a request/response
architecture. A client, such as a Web browser, sends a request by establishing a TCP/IP
connection to a known port (usually port 80) on a remote server. The server answers with a
response string, followed by a message of its own. That message might be, for example, an HTML
file to be shown in the Web browser or an ActiveX component to be executed on the client, or
perhaps an error message.

The HTTP protocol has particular issues associated with it because of the wide variety of web
sites that exist and because of the range of file types that can be downloaded using the protocol.

HTTP ALG Features

The HTTP ALG is an extensive cOS Core subsystem consisting of the options described below:

Static Content Filtering

This deals with Blacklisting and Whitelisting of specific URLs.

1. URL Blacklisting

Specific URLs can be blacklisted so that they are not accessible. Wildcarding can be used
when specifying URLs, as described below.

2. URL Whitelisting

Chapter 6: Security Mechanisms
