Blue Coat Systems Proxy SG

ProxySG Content Policy Language Guide

Each of the protocol-specific proxy transactions has specific information that can be

tested—information that may not be available from or relevant to other protocols. HTTP Headers and

Instant Messaging buddy names are two examples of protocol-specific information.

Other key differentiators among the proxy transaction subtypes are the order in which information

becomes available and when specific actions must be taken, as dictated by the individual protocols.

Variation inherent in the individual protocols determines timing, or the sequence of evaluations that

occurs as the transaction is processed.

The following table summarizes the policy evaluation order for each of the protocol-specific proxy

transactions.

Table 2.1: When Policy is Evaluated

Transaction Type Policy is Evaluated....

Tunneled TCP transactions before the connection is established to the origin server.

HTTP proxy transactions Before the authentication challenge.

After the authentication challenge, but before the requested object is fetched.

Before making an upstream connection, if necessary.

After the object is fetched

FTP over HTTP transactions: Before the authentication challenge.

After the authentication challenge, but before the required FTP commands are

executed.

Before making an upstream connection, if necessary.

After the object is fetched.

Transparent FTP transactions Policy is examined before the requested object is fetched.

Real Media streaming

transactions

Before the authentication challenge.

After the authentication challenge, but before getting object information.

Before making an upstream connection, if necessary.

After the object information is available, but before streaming begins.

After streaming begins (this evaluation can be done multiple times, for example

after playback is paused and restarted).

Windows Media MMS

streaming transactions

Before the authentication challenge.

Before making an upstream connection, if necessary.

After the authentication challenge but before getting object information.

After the object information is available, but before streaming begins.

After streaming begins (this evaluation can be done multiple times, for example

after playback is paused and restarted).