ProxySG, CAS, Management Center, Reporter useful configuration articles

Below is a list of articles I have contributed to and have been published to BROADCOM knowledge center while managing ProxySG/EdgeSWG, Management Center, Reporter, Web Isolation and Content Analysis products from it’s Network Security Portfolio.

ProxySG/EdgeSWG replace Management Console HTTPS SSL default keyring with certificate issued by a Microsoft Certification Authority server – https://knowledge.broadcom.com/external/article?articleId=261115
Replace Management Center HTTPS SSL default keyring with certificate issued by a Microsoft Certification Authority server – https://knowledge.broadcom.com/external/article/261803
Content Analysis replace Management Console HTTPS SSL default keyring with self-signed certificate issued by a Microsoft Certification Authority server – https://knowledge.broadcom.com/external/article/266155
Configure SSL interception with Microsoft PKI for Explicit proxy – https://knowledge.broadcom.com/external/article?legacyId=TECH244873
Steps to create a keyring with a certificate issued by a Microsoft Certification Authority server – https://knowledge.broadcom.com/external/article?articleId=166338
ProxySG/EdgeSWG policy trace and wireshark log for access denied website via Web Visual Policy Manager – https://knowledge.broadcom.com/external/article/263111
Extended log collection for isolation mode not working on Web Isolation – https://knowledge.broadcom.com/external/article/248037
ICAP request and ICAP response in same policy using different ICAP vendor servers – https://knowledge.broadcom.com/external/article/266379
Block sites by url extension and by Geo Location on ProxySG/EdgeSWG – https://knowledge.broadcom.com/external/article/371510
No device statistics for SSL Visibility (SSLV) on Management Center – https://knowledge.broadcom.com/external/article/369198
Youtube Video Categorization quota exceeded on ProxySG/EdgeSWG – https://knowledge.broadcom.com/external/article/368993
Use of PAC file with Explicit ProxySG/EdgeSWG – https://knowledge.broadcom.com/external/article/368616
Expiration date not updated on ISG Proxy running SSP/ISG Hypervisor – https://knowledge.broadcom.com/external/article/366859
Import EDL external blocklist, blacklist to ProxySG/EdgeSWG with use of Local Database – https://knowledge.broadcom.com/external/article/282375
Edge SWG (formerly ProxySG), Content Analysis, Reporter, Management Center and Web Isolation vulnerability status in respect to CVE-2024-3094 (xz backdoor vulnerability) – https://knowledge.broadcom.com/external/article/282074
CachePulse not working for WIndows Updates and Adobe Creative Suite – https://knowledge.broadcom.com/external/article/281790
No SIte Review Generative AI category for Web Isolation Cloud Tenant Policy – https://knowledge.broadcom.com/external/article/280970
Create an exception suburls for the denied domain in ProxySG/EdgeSWG policy. Deny with exception – https://knowledge.broadcom.com/external/article/280791
Vmware ESXI 8 support & compatibility for Management Center and Reporter – https://knowledge.broadcom.com/external/article/280689
Modify Policy Shared Objects via Management Center REST API – https://knowledge.broadcom.com/external/article/279400
EdgeSWG (Formerly Known As ProxySG) Explicit SSL-Interception With Self-Signed Certificate – https://knowledge.broadcom.com/external/article/279277
CVE-2023-6246 vulnerability for EdgeSWG, Content Analysis, Reporter, Management Center – https://knowledge.broadcom.com/external/article/278821
Upgrade ISG Proxy/CAS via CLI on SSP ISG device – https://knowledge.broadcom.com/external/article/278579
ISG proxy deployed on ISG does not show the extension of the license – https://knowledge.broadcom.com/external/article/278564
Disable TLS 1.1 on Reporter – https://knowledge.broadcom.com/external/article/278256
Block upload of certain file types on websites using POST/PUT – https://knowledge.broadcom.com/external/article/278043
ClamAv is not downloading the av patterns – Reason: Failed to process update – https://knowledge.broadcom.com/external/article/277116
ISG CAS MA unable to upload samples to Sandboxing due to licensing issue health_state license_validity – https://knowledge.broadcom.com/external/article/277046
Does BCAAA install npcap libraries? – https://knowledge.broadcom.com/external/article/277045
Management Center slow login for external users with read-rights – https://knowledge.broadcom.com/external/article/276246
ProxySG/EdgeSWG curl POST/PUT upload issue, Policy Trace shows http://POST/ instead of domain – https://knowledge.broadcom.com/external/article/275640
Error “Realm not supported in this version” when creating local realm on ProxySG/EdgeSWG 7.4.1.1 SGAC – https://knowledge.broadcom.com/external/article/275194
Block access to mobile Snapchat on EdgeSWG/ProxySG – https://knowledge.broadcom.com/external/article/274648
Block exe files on certain websites via ProxySG/EdgeSWG – https://knowledge.broadcom.com/external/article/274180
Bloomberg client bypass on Transparent ProxySG/EdgeSWG deployment – https://knowledge.broadcom.com/external/article/273586
Web Whatsapp not working through ProxySG/EdgeSWG – https://knowledge.broadcom.com/external/article/273198
Change ProxySG/EdgeSWG console password and enable password via CLI – https://knowledge.broadcom.com/external/article/272827
Online and offline activation of SSP/ISG Hypervisor and ISG Applications (SSP) – https://knowledge.broadcom.com/external/article/272078
NET: ERR_CERT_AUTHORITY_INVALID – You cannot visit site right now because the website uses HSTS – https://knowledge.broadcom.com/external/article/269944
Allow Zoom Audio/Video through Edge SWG (ProxySG) – https://knowledge.broadcom.com/external/article/269619
SNMP MIB OID for ProxySG/EdgeSWG, Reporter, Management Center, Content Analysis and SSP ISG – https://knowledge.broadcom.com/external/article/266810
ICAP request and ICAP response in same policy using different ICAP vendor servers – https://knowledge.broadcom.com/external/article/266379
Content Analysis replace Management Console HTTPS SSL default keyring with signed certificate issued by a Microsoft Certification Authority server – https://knowledge.broadcom.com/external/article/266155
Notify-user rule configuration in Policy VPM on ProxySG/EdgeSWG for presenting a notification to user before allowing access to requested URL – https://knowledge.broadcom.com/external/article/264847
ProxySG/EdgeSWG maximum connections to ICAP servers – https://knowledge.broadcom.com/external/article/263540
Attach additional ICAP services to EdgeSWG/ProxySG (Fireeye, Symantec DLP) and use them in parallel to scan traffic – https://knowledge.broadcom.com/external/article/263508
ProxySG/EdgeSWG MS Teams Tunnel drops UDP traffic on Proxy before reaching Microsoft Office365 servers, failover to TCP stream – https://knowledge.broadcom.com/external/article/263435
Create and use internal signed CA certificate for the Reporter FTPS service for log upload – https://knowledge.broadcom.com/external/article/263119
ProxySG/EdgeSWG policy trace and wireshark log for access denied website via Web Visual Policy Manager – https://knowledge.broadcom.com/external/article/263111
ProxySG/EdgeSWG policy trace and wireshark log for access denied website via legacy Java Visual Policy Manager – https://knowledge.broadcom.com/external/article/263103
Replace Management Center HTTPS SSL default keyring with certificate issued by a Microsoft Certification Authority server – https://knowledge.broadcom.com/external/article/261803
On-box sandboxing detection patterns are outdated, update does not work – https://knowledge.broadcom.com/external/article/261422
ProxySG/EdgeSWG replace Management Console HTTPS SSL default keyring with certificate issued by a Microsoft Certification Authority server – https://knowledge.broadcom.com/external/article/261115
Internal AV Error after CAS upgrade to 3.1.5.1 for Kaspersky AV – https://knowledge.broadcom.com/external/article/256952
Block upload rule for all the HTTP/HTTPS traffic on ProxySG – https://knowledge.broadcom.com/external/article/256528
Can you allow or block specific Youtube channels in Proxy SG? – https://knowledge.broadcom.com/external/article/255913
Amazon AWS S3 returns 500 & 503 HTTP Error when sending data via Proxy – https://knowledge.broadcom.com/external/article/254022
ProxySG vulnerability mitigation of CVE-2013-2566, CVE-2014-3566, CVE-2016-2183, SSLv3 – https://knowledge.broadcom.com/external/article/253549
Resized disk1 not present after Proxy ISG resizing for more concurrent users – https://knowledge.broadcom.com/external/article/251921
Invalid device credentials when adding Proxy to Management Center – https://knowledge.broadcom.com/external/article/251855
ProxySG/EdgeSWG bypass Anydesk application – https://knowledge.broadcom.com/external/article/251851
Management Center LDAP shared secret key prompt after password change – https://knowledge.broadcom.com/external/article/251812
“Unexpected cached data found” error while trying to join the domain – https://knowledge.broadcom.com/external/article/250584
Extended log collection for isolation mode not working on Web Isolation – https://knowledge.broadcom.com/external/article/248037
Office 365 and Outlook bypass with PAC file – https://knowledge.broadcom.com/external/article/247962
Cloudflare DDOS protection hCaptcha issue, loop in isolation mode – https://knowledge.broadcom.com/external/article/247463
Office 365 bypass with PAC file – https://knowledge.broadcom.com/external/article/247461
Windows 10 template for IVM profile in CAS – https://knowledge.broadcom.com/external/article/247458
Empty on-box sandboxing statistics in content analysis (CAS) – https://knowledge.broadcom.com/external/article/245964
Linkedin not working in isolation mode – https://knowledge.broadcom.com/external/article/245855
DNS Health Check failed on the Proxy, traffic is not affected on Proxy – https://knowledge.broadcom.com/external/article/245145
DNS server resolution priority, DNS cache expiration on Proxy / ASG / EdgeSWG – https://knowledge.broadcom.com/external/article/245143
Microsoft Power Apps platform access on ProxySG /ASG -apps.powerapps.com – https://knowledge.broadcom.com/external/article/245141
Reset admin password and enable password in Management Center – https://knowledge.broadcom.com/external/article/229153
Web Application Firewall (WAF) is no longer supported under SGOS 7.4.x – https://knowledge.broadcom.com/external/article/376640
Block access to Microsoft Copilot AI Chat on ProxySG/EdgeSWG – https://knowledge.broadcom.com/external/article/376619
Reflect the XFF (x-Forwarded-For) client source IP to upstream Proxy and Firewall – https://knowledge.broadcom.com/external/article/374943
Test x-forwarded-for (XFF) and client-ip on ProxySG implementation – https://knowledge.broadcom.com/external/article/374749
EHCDSA support for SSL-interception certificate on ProxySG/EdgeSWG – https://knowledge.broadcom.com/external/article/282122

Links were shared according to Guidelines for Linking to Broadcom’s Web Site – https://www.broadcom.com/company/term-of-use/guidelines-for-linking

ProxySG, CAS, Management Center, Reporter useful configuration articles

Below is a list of articles I have contributed to and have been published to BROADCOM knowledge center while managing ProxySG/EdgeSWG, Management Center, Reporter, Web Isolation and Content Analysis products from it’s Network Security Portfolio.

Tags:

Maciej Zytowiecki

OPENVPN Site-to-Site using SSL/TLS Certificate-Based Authentication between multiple sites with OPNSENSE

Prevent power failure on OPNSENSE with APC UPS

TOPTON N5095/N5105/N100 opnsense & proxmox powersave tuning

OPNSENSE Surfshark VPN Selective Traffic routing via Wireguard Tunnel on VLAN

Unifi Cloud Gateway Ultra – configuration and hardening

OPNSENSE IP blocklists and Geo-IP block to enhance security against malicious attacks

ProxySG, CAS, Management Center, Reporter useful configuration articles

Below is a list of articles I have contributed to and have been published to BROADCOM knowledge center while managing ProxySG/EdgeSWG, Management Center, Reporter, Web Isolation and Content Analysis products from it’s Network Security Portfolio.

Tags:

Maciej Zytowiecki

You May Also Like