Trusted Web Guard Prototype
This chapter describes the configuration of a safe web browsing prototype called
Web Guard. Web Guard is configured to isolate a web server and
its web content to prevent attacks from the Internet.
The Web Guard prototype described in this chapter is not a complete
solution. Rather, the prototype is intended to demonstrate how multilevel ports can
be used to proxy URL requests across label boundaries. A more complete
solution would include authentication, data filtering, auditing, and so on.
The primary implementation of the prototype is administrative. The prototype uses multilevel
ports, trusted networking, and Apache web server configuration to set up Web
Guard. In addition to the administrative example, you can use some programmatic
methods to set up the safe web browsing prototype.
This chapter covers the following topics: