Blue Coat Systems Proxy SG Appendix A: Glossar y

Appendix A: Glossar y

actions A class of definitions. CPL has two general classes of actions: request or response

modifications and notifications. An action takes arguments (such as the portion of the

request or response to modify) and is wrapped in a named action definition block. When

the action definition is turned on by the policy rules, any actions it contains operate on

their respective arguments.

<Admin> layer One of the five layer types allowed in a policy. Used to define policy rules that control

access to the Management Console and command line interface (CLI).

admin transaction Encapsulation of a request to manage the ProxySG for the purposes of policy evaluation.

Policy in <Admin> layers applies to admin transactions. Additionally, if the user is

explicitly proxied to the ProxySG, a proxy transaction will also be created for the request.

allow The preferred short form of exception(no), a property setting that indicates that the

request should be granted.

A default rule for the proxy policy layer. You have two choices: allow or deny. Deny

prevents any access to the ProxySG; allow permits full access to the ProxySG.

<Cache> layer One of the five layer types allowed in a policy. Used to list policy rules that are evaluated

during a cache or proxy transaction.

cache transaction Encapsulation of a request, generated by the ProxySG and directed at an upstream

device, for the purposes of maintaining content in the local object store.

Central Policy File A file provided by Blue Coat Technical Support to ensure that the ProxySG behaves

correctly and efficiently when accessing certain sites. You can adapt this file to include

policies you want to share among multiple appliances.

condition A boolean combination of trigger expressions that yields true or false when evaluated.

default policy The default settings for various transaction properties taken from configuration. An

important example is the default proxy policy that is configurable to either allow or deny

definition A definition binds a user-defined label to a condition, a content category, a

transformation or a group of actions.

deny The preferred short form of exception(policy_denied), a property setting that

indicates that the request should be refused.

Evaluation order The order in which the four policy files—Central, Local, VPM, and Forward—are

evaluated. When a file is evaluated last, the policy rules and the related configuration

settings it specifies can override any settings triggered in the other files.

The order of evaluation of the Central, Local, and VPM policy files is configurable using

the policy order CLI command or the Management Console. The Forward file is

always last in the evaluation order.

Exception layer One of the five layer types allowed in a policy. Exception layers are evaluated when an

exception property is set, forcing transaction termination. Policy in an exception layer

gives the administrator a final chance to modify the properties (such as headers) of the

response (exception) object, just as they would get a chance to modify the properties of

an object returned from the origin server or from cache.

<Forward> layer One of the five layer types allowed in a policy. <Forward> layers are only evaluated

when the current transaction requires an upstream connection.