Deb Heller-Evans wrote:
> > Client ---> Proxy#1 (Squid) ---> InterScan VirusWall ---> Proxy#2 ---> Internet
>
> > The addition of Proxy#2 is necessary because VirusWall will use
> > it to connect to the Internet. This configuration is valid
> > whether the Internet gateway is protected by a firewall or not.
>
> I've asked them several times *why* the second squid would be
> necessary - I don't understand why one would need Proxy#2 - why
> not send the request directly to the content server?
Probably because Squid is much better at fetching content from the
Internet than VirusWall. This is best seen at FTP directory listings,
but there is quite likely other differences as well.
It is a more valid question to ask why Proxy#1 is required. If you want
to get rid of one layer above then this is the one you should take away
if you wat the best functionality. However, having a cache on the inside
of the VirusWall may be better from a performance view, but at the same
time it enables the risk that infected content can already have been
cached before a virus profile update...
Regards
Henrik Nordström
Squid Hacker
Received on Mon Oct 22 2001 - 18:46:48 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:03:03 MST