Hello again. If you are here, you are probably looking for some HowTo help on FireEye Integration With BlueCoat Proxy, or perhaps you have already completed that and are looking for a good splash page to use for FireEye blocks. Either way, I thank you for stopping by, and hope to be of some assistance if possible.
When I started working on the integration it was actually fairly simplistic, in that the proxy is just using the FireEye output as an input for the Central Policy file, which we then use to block URL’s in the comprehensive BlueCoat policy (I am talking the whole policy when combined VPM, Central, Local, Forward). What I also found out is that FireEye is not integrating this as well as they could have when it comes to the “return exception” that BlueCoat uses to provide the user with input on why it was blocked, which is a pain in my rear, as we now have to jump through a few more hoops to get less functionality. Let me explain….