Clients behind a corporate firewall and Squid as HTTP proxy

Johny543 W/ Alumni Posts: 2 Security Scout

Hi!

I have a scenario where Windows workstations (FS Client Security 12 Premium) are in a network where everything is blocked in a corporate firewall. Not even DNS is allowed. Only port 3210 is open to a single proxy server on a separate DMZ network. That proxy server is allowed to connect to F-S Policy Manager 12 via the Internet. Also, the HTTPS CONNECT method for port 443 is allowed in the Squid conf.

The client workstations should not have any network connections anywhere unless necessary.

The proxy server's IP is configured manually in each F-Secure Client Security's Proxy configuration.

The problem is that even though the clients get all the virus database updates via the proxy server, the clients don't show up in Policy Manager Console. This might be related to the fact that communication to PM Server 12 now uses HTTPS (port 443).

What ports are necessary to open for communication between clients and Policy Manager Server? Should this even work?

Squid 3.3.8 on CentOS 7.1 (listening port 3210)

F-S Policy Manager 12.10.76372

Comments

  • Johny543 W/ Alumni Posts: 2 Security Scout

    Thanks for the fast reply!

    Should it be enough to allow HTTPS from CS to PM (port 443), or does the firewall need to be open both ways?

    Does anyone know how to accomplish this via Squid? All traffic should go through the proxy.

    It's easy to configure the F-S client to use HTTP proxy but I have no idea how to tell the client to use a proxy also for the PM connection.

  • Vad W/ Alumni Posts: 1,069 Cybercrime Crusader

    > Should it be enough to allow HTTPS from CS to PM (port 443), or does the firewall need to be open both ways?

    Both ways.

    Best regards,

    Vad

This discussion has been closed.