Appendix A: Glossary

actions

A class of definitions. CPL has two general classes of actions: request or response

 

modifications and notifications. An action takes arguments (such as the portion of the

 

request or response to modify) and is wrapped in a named action definition block. When

 

the action definition is turned on by the policy rules, any actions it contains operate on

 

their respective arguments.

<Admin> layer

One of the five layer types allowed in a policy. Used to define policy rules that control

 

access to the Management Console and command line interface (CLI).

admin transaction

Encapsulation of a request to manage the ProxySG for the purposes of policy evaluation.

 

Policy in <Admin> layers applies to admin transactions. Additionally, if the user is

 

explicitly proxied to the ProxySG, a proxy transaction will also be created for the request.

allow

The preferred short form of exception(no), a property setting that indicates that the

 

request should be granted.

 

A default rule for the proxy policy layer. You have two choices: allow or deny. Deny

 

prevents any access to the ProxySG; allow permits full access to the ProxySG.

<Cache> layer

One of the five layer types allowed in a policy. Used to list policy rules that are evaluated

 

during a cache or proxy transaction.

cache transaction

Encapsulation of a request, generated by the ProxySG and directed at an upstream

 

device, for the purposes of maintaining content in the local object store.

Central Policy File

A file provided by Blue Coat Technical Support to ensure that the ProxySG behaves

 

correctly and efficiently when accessing certain sites. You can adapt this file to include

 

policies you want to share among multiple appliances.

condition

A boolean combination of trigger expressions that yields true or false when evaluated.

default policy

The default settings for various transaction properties taken from configuration. An

 

important example is the default proxy policy that is configurable to either allow or deny

definition

A definition binds a user-defined label to a condition, a content category, a

 

transformation or a group of actions.

deny

The preferred short form of exception(policy_denied), a property setting that

 

indicates that the request should be refused.

Evaluation order

The order in which the four policy files—Central, Local, VPM, and Forward—are

 

evaluated. When a file is evaluated last, the policy rules and the related configuration

 

settings it specifies can override any settings triggered in the other files.

 

The order of evaluation of the Central, Local, and VPM policy files is configurable using

 

the policy order CLI command or the Management Console. The Forward file is

 

always last in the evaluation order.

Exception layer

One of the five layer types allowed in a policy. Exception layers are evaluated when an

 

exception property is set, forcing transaction termination. Policy in an exception layer

 

gives the administrator a final chance to modify the properties (such as headers) of the

 

response (exception) object, just as they would get a chance to modify the properties of

 

an object returned from the origin server or from cache.

<Forward> layer

One of the five layer types allowed in a policy. <Forward> layers are only evaluated

 

when the current transaction requires an upstream connection.

Page 271
Image 271
Blue Coat Systems Proxy SG manual Appendix a Glossary