Feature | Operation mode | ||||
Reverse proxy | True transparent proxy | Transparent inspection | Offline protection | ||
HTTP | HTTPS | ||||
Bridges / V-zones | No | Yes | Yes | Yes | No |
Caching | Yes | Yes | Yes | No | No |
Client Certificate Verification | Yes | Yes | Yes | No | No |
Config. Sync (Non-HA) | Yes ^ | Yes | Yes | Yes | Yes |
Cookie Poisoning Prevention | Yes | Yes | Yes | No | No |
DoS Protection | Yes | Yes | Yes | No ‡ | No ‡ |
Error Page Customization | Yes | Yes | Yes | No | No |
Fail-to-wire | No | Yes | Yes | Yes | No |
File Compression | Yes | Yes | Yes | No | No |
Hidden Input Constraints | Yes | Yes | Yes | No | No |
HA | Yes | Yes | Yes | Yes | No |
Information Disclosure Prevention (Anti-Server Fingerprinting) | Yes | Yes | Yes | Yes § | Yes |
Page Order Rules | Yes | Yes | Yes | No | No |
Rewriting / Redirection | Yes | Yes | Yes | No | No |
Session Management | Yes | Yes * | Yes * | Yes * | Yes * |
Site Publishing | Yes | Yes | Yes | No | No |
SSL/TLS Offloading | Yes | N/A | No | No | No |
SSLv3 Support | Yes | N/A | Yes ~ | Yes ~¶ | Yes ~¶ |
SSLv2 Support | Yes | N/A | No | No | No |
Start Page Enforcement | Yes | Yes | Yes | No | No |
User Authentication | Yes | Yes # | Yes | No | No |
X-Forwarded-For: Support | Yes | Yes | Yes | No | No |
^ Full configuration sync is not supported in reverse proxy mode. ‡ TCP SYN cookie flood prevention is supported. § Only the Alert action is supported. * Requires that your web application have session IDs. See Session Key. ~ DSA-encrypted server certificates are not supported. ¶ Diffie-Hellman key exchanges are not supported. # PKI authentication requires HTTPS. |