Appendix A: Glossary
actions | A class of definitions. CPL has two general classes of actions: request or response |
| modifications and notifications. An action takes arguments (such as the portion of the |
| request or response to modify) and is wrapped in a named action definition block. When |
| the action definition is turned on by the policy rules, any actions it contains operate on |
| their respective arguments. |
<Admin> layer | One of the five layer types allowed in a policy. Used to define policy rules that control |
| access to the Management Console and command line interface (CLI). |
admin transaction | Encapsulation of a request to manage the ProxySG for the purposes of policy evaluation. |
| Policy in <Admin> layers applies to admin transactions. Additionally, if the user is |
| explicitly proxied to the ProxySG, a proxy transaction will also be created for the request. |
allow | The preferred short form of exception(no), a property setting that indicates that the |
| request should be granted. |
| A default rule for the proxy policy layer. You have two choices: allow or deny. Deny |
| prevents any access to the ProxySG; allow permits full access to the ProxySG. |
<Cache> layer | One of the five layer types allowed in a policy. Used to list policy rules that are evaluated |
| during a cache or proxy transaction. |
cache transaction | Encapsulation of a request, generated by the ProxySG and directed at an upstream |
| device, for the purposes of maintaining content in the local object store. |
Central Policy File | A file provided by Blue Coat Technical Support to ensure that the ProxySG behaves |
| correctly and efficiently when accessing certain sites. You can adapt this file to include |
| policies you want to share among multiple appliances. |
condition | A boolean combination of trigger expressions that yields true or false when evaluated. |
default policy | The default settings for various transaction properties taken from configuration. An |
| important example is the default proxy policy that is configurable to either allow or deny |
definition | A definition binds a |
| transformation or a group of actions. |
deny | The preferred short form of exception(policy_denied), a property setting that |
| indicates that the request should be refused. |
Evaluation order | The order in which the four policy |
| evaluated. When a file is evaluated last, the policy rules and the related configuration |
| settings it specifies can override any settings triggered in the other files. |
| The order of evaluation of the Central, Local, and VPM policy files is configurable using |
| the policy order CLI command or the Management Console. The Forward file is |
| always last in the evaluation order. |
Exception layer | One of the five layer types allowed in a policy. Exception layers are evaluated when an |
| exception property is set, forcing transaction termination. Policy in an exception layer |
| gives the administrator a final chance to modify the properties (such as headers) of the |
| response (exception) object, just as they would get a chance to modify the properties of |
| an object returned from the origin server or from cache. |
<Forward> layer | One of the five layer types allowed in a policy. <Forward> layers are only evaluated |
| when the current transaction requires an upstream connection. |