CacheGuard-OS
User's Guide - Version UF-2.3.5


CacheGuard Overview

The User’s Guide enables you to quickly and concisely learn how to configure and administer a CacheGuard appliance. For a detailed description of each command used in this guide, please refer to the Commands Manual. The Web administration GUI provided with CacheGuard-OS serves as a front end to the CLI and, therefore, is not documented separately.

CacheGuard Gateway allows you to connect your networks to the Internet securely and confidently while protecting your IT infrastructure against harmful traffic. Additionally, CacheGuard Gateway enables you to provide the QoS (Quality of Service) required by your most critical network traffic, such as VoIP. What makes CacheGuard Gateway a unique solution is its dual functionality: in forwarding mode, it protects your users connecting to the Internet, while in reverse mode, it protects your Web applications. To deploy a CacheGuard Gateway, simply install CacheGuard-OS on the machine of your choice. The only requirement is that the machine must have at least two NICs (Network Interface Cards). For assistance with CacheGuard-OS installation, please refer to the Getting Started section.

CacheGuard-OS integrates a range of network security and traffic optimisation features such as, but not limited to, a firewall, VPN, Web antivirus, filtering proxy, reverse proxy, WAF, traffic shaping and Web caching. All these features can be securely and efficiently activated simultaneously on the same machine, ensuring optimal use of the underlying hardware resources.

Using CacheGuard-OS

Implementing and configuring CacheGuard-OS is both straightforward and efficient, even if you are not a networking or security specialist. With CacheGuard-OS, all the complexity of the integrated open-source software is hidden beneath the surface, allowing you simply to turn the key and benefit from a powerful and reliable engine.

CacheGuard Gateway Functions
CacheGuard-OS Network Optimisation

  • Network appliance
  • Internet gateway
  • Web load balancer
  • 802.1q VLANs
  • NTP support
  • Traffic shaping
  • DHCP server
  • Caching DNS
 CacheGuard-OS IP Security

  • Internal, external, and auxiliary zoning
  • Forwarding and reverse Web proxy
  • Transparent HTTP proxy
  • Proxy chaining and parallel implementation
  • Access lists
  • IP firewall with NAT and PAT
  • IPsec VPN in site-to-site or remote access modes
  • Protection against SYN flood, port scanning, spoofing, and more
CacheGuard-OS Web Security

  • URL guarding based on URL blacklists, whitelists, and regular expressions
  • URL guarding policies based on access time, IP, and LDAP requests
  • Automatic blacklist updating
  • Web Application Firewall (XSS, SQL injection, etc.)
  • Access logging
  • LDAP and Kerberos AD authentication
  • SSL terminator
  • SSL mediator/inspector
  • Web gateway antivirus
  • Antivirus service for emails
 CacheGuard-OS High Availability

  • RAID capabilities
  • Backup and restore on a spare machine
  • Ethernet link bonding
  • VRRP redundancy
  • Multi-WAN support
CacheGuard-OS Web Optimisation

  • Persistent Web caching
  • HTTP compression
  • Web cache sharing
  • Traffic shaping
 CacheGuard-OS Administration

  • CLI (Command Line Interface) configuration
  • Console port administration
  • Remote administration via Web GUI and SSH
  • Logging to remote Syslog servers
  • SNMP agent and trap generation
Copyright (C) 2009-2025 CacheGuard - All rights reserved