CacheGuard Web Gateway Appliance Icon

CacheGuard Web Gateway Appliance

Web Security Gateway (filtering proxy, waf, firewall...)

4.7 Stars (3)
216 Downloads (This Week)
Last Update:
Download CacheGuard-NG-64.iso
Browse All Files



CacheGuard is an Enterprise Grade Web Security Gateway providing firewall, web antivirus, caching, web compression, URL filtering, forward/reverse proxy, web load balancing, WAF, antivirus, bandwidth shaping and more.

The High Availability function is the the heart of CacheGuard using RAID, link bounding, VRRP, cache sharing. An SNMP agent is integrated into the appliance and the appliance can send traps if something goes wrong.

CacheGuard is available as an OS appliance to install on a hardware or virtual machine of your choice. You can implement it transparently in any existing architecture as your main central point where all the Web traffic passes through.

CacheGuard is based on a hardened Linux system built from scratch (with LFS) and integrates netfilter and iproute2, squid, squidGuard, apache, modSecurity, clamAV and multiple other open source products interfaced together as a whole to allow an easy and straightforward configuration using the CLI or the Web GUI.

CacheGuard Web Gateway Appliance Web Site


  • OS Appliance: LFS Linux based
  • Proxy and Reverse Proxy: Squid, Apache
  • URL filtering with blacklists and white lists: SquidGuard
  • Antivirus at the Gateway: ClamAV, c-icap
  • Firewalling, NAT/PAT: Linux netfilter/iptables
  • QoS Traffic Shaping: Linux iproute2/tc
  • Web server load balancing: Squid, Apache
  • WAF (Web Application Firewall): modSecurity
  • SSL Terminator: OpenSSL
  • SSL Mediation (inspection, caching)
  • Web Caching: Squid, Apache
  • HTTP compression; Apache, ecap
  • Traffic Logging: Squid, Apache
  • LDAP Autentication: OpenLDAP
  • Web based configuration: Apache
  • Online commands configuration: bash, SSH
  • Integrated SNMP agent: Net-SNMP
  • RAID support: Linux/mdadm
  • VRRP support: keepaliaved
  • Link Bonding: Linux bonding
  • Backup/Restore applicance: bash script


User Ratings

ease 1 of 5 2 of 5 3 of 5 4 of 5 5 of 5 4 / 5
features 1 of 5 2 of 5 3 of 5 4 of 5 5 of 5 4 / 5
design 1 of 5 2 of 5 3 of 5 4 of 5 5 of 5 4 / 5
support 1 of 5 2 of 5 3 of 5 4 of 5 5 of 5 5 / 5
Write a Review

User Reviews

  • 1 of 5 2 of 5 3 of 5 4 of 5 5 of 5

    Reliable, robust and mature project with lots of high availability features to ensure service continuity.

    Posted 12/15/2014
  • 1 of 5 2 of 5 3 of 5 4 of 5 5 of 5

    Cacheguard is the best and easy to use transparent proxy I have ever used! Even if there are some constraints in the installation process (requires its own machine), once installed and some basic network configuration is done, it is straightforward to configure. We use it in our company especially to filter malware and also for web caching. The traffic shaping is basic but serves its purpose. Nice integrated solution!

    Posted 12/02/2014
  • 1 of 5 2 of 5 3 of 5 4 of 5 5 of 5

    CacheGuard is different from other web security solutions by being bi-directional: it secures web traffic initiated from applications/machines/users placed in trusted zones to Internet (untrusted by default) AND web requests incoming from untrusted zones to your web applications. It offers many security features in the same box such as: firewall (Linux netfilter/iptables), proxy cache (I assume squid), WAF (based on apache/mod_security), traffic shaping (Linux)... CacheGuard is interesting because it has a real CLI (Command Line Interface). You can configure it using an SSH client and/or you can configure it using a navigator (tested Firefox and works fine with it). What I really appreciated in CacheGuard is the notion of “apply” a whole configuration at one time. With this method the integrity of the configuration and compatibility between different saved parameters are verified when you finish configuring the appliance and want to activate them. The disadvantage with CacheGuard is that even though the administration/configuration is straightforward for network/security experts it is not a plug and play solution for the non specialized audience. Very nice project! I recommend it if you are a system/network/security expert and need a unique access point to exchange web traffic from/to Internet to/from your infrastructure.

    Posted 11/27/2014
Read more reviews

Additional Project Details



Intended Audience

Information Technology, Telecommunications Industry, System Administrators, Security Professionals, Security

User Interface

Web-based, Command-line

Programming Language

Unix Shell, C, JavaScript



Thanks for helping keep SourceForge clean.

Screenshot instructions:
Red Hat Linux   Ubuntu

Click URL instructions:
Right-click on ad, choose "Copy Link", then paste here →
(This may not be possible with some types of ads)

More information about our ad policies

Briefly describe the problem (required):

Upload screenshot of ad (required):
Select a file, or drag & drop file here.

Please provide the ad click URL, if possible:

Get latest updates about Open Source Projects, Conferences and News.

Sign up for the SourceForge newsletter:

No, thanks