How to Convert User Agent Authentication strings from Local Policy to VPM
search cancel

How to Convert User Agent Authentication strings from Local Policy to VPM


Article ID: 166340


Updated On:


ProxySG Software - SGOS


Some organizations prefer to maintain all Bluecoat policy in once location, instead of trying to maintain both the Local Policy and the Visual Policy.

One of the most common rules that is found in Local policy, that can easily be moved, is a rule which specifies to bypass Authentication for specific User-Agent Strings. below, is an example of how to convert one such Local Policy Rule into a Visual Policy Rule.


Local Policy:


request.header.User-Agent="webex utiltp" authenticate(no) ALLOW


This rule consists of 3 things: A source criteria, and 2 actions. In order to convert this to Visual Policy, it will have to be broken down into 2 rules, one for each action, both of which will specify the source.


Visual Policy:


Rule 1:

This Rule will be contained in a Web Authentication Layer. It will Consist of a Source, as a Request Header Object, and an Action as a Do Not Authenticate Object.

The Request Header Object will List User-Agent as the Header Name, and "webex utiltp" as the Header Regex. This representsthe request.header.User-Agent="webex utiltp" part of the Local Policy rule.

The Do not Authenticate Rule is just chosen form the list iin the Action Field. This object represents the authenticate(No) part of teh Local Policy Rule.


Rule 2.

This rule will be contained in a Web Access layer. It will Consist of the same Request Header Object as above in the source field, and an Allow Action in the Action field.



When rules are moved from Local Policy to the Visual Policy, the order in which all rules are processed changes. Because of this, testing needs to be done to ensure there are no adverse affects to moving the rules.