How Web Gateway works

A Web Gateway appliance uses several subsystems to provide filtering and other functions, based on its operating system.

Appliance subsystems

The subsystems of the appliance and their modules do the following:

  • Core subsystem — Provides a proxy module for intercepting web traffic and a rule module for processing the filtering rules that make up your web security policy.

    This subsystem furthermore provides the modules (also known as engines) that complete special jobs for the filtering rules and can be configured by you, for example, the Anti-Malware module, the URL Filter module, or the Authentication module.

    A flow manager module ensures efficient cooperation between the modules.

  • Coordinator subsystem — Stores all configuration data processed on the appliance

    This subsystem also provides update and Central Management functions.

  • Configurator subsystem — Provides the user interface (internal subsystem name is Konfigurator)
Figure 1. Appliance subsystems and modules

Operating system

The subsystems of the appliance rely on the functions of its operating system, which is MLOS 2 (McAfee Linux Operating System, version 2).

The operating system provides functions for executing the actions that the filtering rules trigger, file and network reading and writing, and access control.

A configuration daemon (sysconfd daemon) implements changed configuration settings in the operating system.