Advanced Configuration and Troubleshooting

The following sections explain how to maintain the DLP gateway and captured files.

Configuring HTTP Inspection on All Ports

You can configure inspection of HTTP transmissions on all ports (standard HTTP ports 80, 8080, and other non-standard ports you might have configured).

To enable HTTP inspection on all ports:

1. In R80 SmartConsole, click Gateways & Servers and double-click the Security Gateway.

   The gateway window opens and shows the General Properties page.

2. From the navigation tree, click Data Loss Prevention > Protocols.
3. Click default protocols.

   The Default Protocols window opens.

4. Click Enable HTTP inspection on nonstandard ports.
5. Click OK.

   Note - When you set HTTP inspection on all ports there is a performance impact.

6. Close the gateway window and install the policy.

Installing the Signed Certificate

To install the certificate:

1. In R80 SmartConsole, click Gateways & Servers and double-click the Security Gateway.

   The gateway window opens and shows the General Properties page.

2. From the navigation tree, click the appropriate Software Blade page:
   • Mobile Access > Portal Settings
   • Platform Portal
   • Data Loss Prevention
   • Identity Awareness > Captive Portal > Settings > Access Settings

   In the Certificate section, click Import or Replace.

3. Install the policy on the gateway.

   Note - The Repository of Certificates on the IPsec VPN page of the gateway object is only for self-signed certificates. It does not affect the certificate installed manually using this procedure.

Viewing the Certificate

To see the new certificate from R80 SmartConsole:

1. In R80 SmartConsole, click Gateways & Servers and double-click the Security Gateway.

   The gateway window opens and shows the General Properties page.

2. From the navigation tree, click Data Loss Prevention.
3. In the Certificate section, click View.