Using the Blue Coat graphical Visual Policy Manager
Before you configure the Blue Coat header policy, ensure that NTLM authentication is specified in the Blue Coat Visual Policy Manager (). Set Forcepoint Web Security Cloud as the forwarding host (in the Blue Coat Management Console Configuration tab, ). The address of the Forcepoint Web Security Cloud service is webdefence.global.blackspider.com, port 8081.
In the Blue Coat Management Console Configuration tab, click Policy and select Visual Policy Manager. Click
Launch and configure the header policy as follows:
- In the Policy menu, select Add Web Access Layer and enter an appropriate policy name in the Add New Layer dialog box.
- Select the Web Access Layer tab that is created.
- The Source, Destination, Service, and Time column entries should be Any(the default).
- Right-click the area in the Action column, and select Set.
- Click New in the Set Action Object dialog box and select Control Request Header from the menu.
- In the Add Control Request Header Object dialog box, enter a name for the client IP Action object in the Name entry field.
- Enter X-Forwarded-For in the Header Name entry field.
- Select the Set value radio button and enter the following value:
$(x-client-address) - Click OK.
- Click New and select Control Request Header again.
- In the Add Control Request Header Object dialog box, enter a name for the authenticated user information Action object in the Name entry field.
- Enter X-Authenticated-User in the Header Name entry field.
- Select the Set value radio button and enter the following value:
WinNT://$(user.domain)/$(user.name) - Click OK.
- Click New and select Combined Action Object from the menu.
- In the Add Combined Action Object dialog box, enter a name for a proxy chain header in the Name entry field.
- In the left pane, select the previously created control request headers and click Add.
- Select the combined action item in the Set Action Object dialog box and click OK.
Click Install Policy in the Blue Coat Visual Policy Manager.