Blue Coat Systems Proxy SG manual Concepts, Transactions

Chapter 1: Overview of Content Policy Language

The Content Policy Language (CPL) is a programming language with its own concepts and rules that you must follow.

This chapter provides an overview of CPL, including the following topics:

•"Concepts"

•"CPL Language Basics"

•"Writing Policy Using CPL"

•"Troubleshooting Policy"

•"Upgrade/Downgrade Issues"

Concepts

The term policy, as used here, refers to configuration values and rules applied to render decisions on authentication requirements, access rights, quality of service, or content transformations (including rewrites and off-box services that should be used to process the request or response). Often, the policy references system configuration for the default values for some settings and then evaluates rules to see if those settings should be overridden.

CPL is a language for specifying the policy rules for the ProxySG. Primarily, it controls the following:

•User Authentication requirements

•Access to Web-related resources

•Cache content

•Various aspects of request and response processing

•Access logging

You can create policy rules using either the Visual Policy Manager (VPM), which is accessible through the Management Console, or by composing CPL.

Before reading sample CPL or trying to express your own policies in CPL, Blue Coat recommends that you understand the fundamental concepts underlying policy enforcement in the ProxySG appliances. This section provides an overview of important concepts.

Transactions

In the CPL context, a transaction is the encapsulation of a request for service and any associated response for the purposes of policy evaluation and enforcement. In most cases, a transaction is created for each unique request for service, and the transaction exists for the time taken to process the request and deliver the response.

The transaction serves the following purposes:

•Exposes request and response state for testing during policy evaluation.