Web Proxy vs DPI

Hi,
If I use DPI instead of web proxy in a firewall rule, and a user then configures a proxy in his browser, will that traffic also go through DPI or via the web proxy?
Please advise.



This thread was automatically locked due to age.
  • Hi,

    Assuming you don't have any fields ticked and allow all, the traffic will go through the DPI engine.

    ian

    XG115W - v19.5.1 mr-1 - Home


  • Hello ,

    Thank you for reaching out to the community. By default, the DPI engine will be used, but if you enable the option "Use web proxy instead of DPI engine", then the web proxy will be used. The DPI engine detects and filters HTTP and SSL/TLS traffic on any port. The web proxy transparently handles traffic only on TCP ports 80 and 443.

    Thanks & Regards,
    Vivek Jagad | Team Lead, Global Support & Services

  • Thanks Vivek,

    My question was: I configured DPI on the firewall rule, and the end user configured a web proxy (192.68.x.x with port 8080; this IP and port is the Sophos firewall). Will this traffic then also be entertained by the DPI engine? Please confirm.

  • If DPI is active then DPI will be in the picture.

    But you can continue to use web proxy in direct mode by configuring the browsers on client devices.

    You can use direct proxy mode even if you don't select Use web proxy instead of DPI engine. To use direct proxy mode, you must configure clients to use Sophos Firewall in their proxy settings. For information about using Sophos Firewall as a direct web proxy, go to Web proxy configuration in Web > General settings.

    Thanks & Regards,
    Vivek Jagad | Team Lead, Global Support & Services

  • Hello;

    @Vivek: I think the OP was asking whether he could leave the port on the client machine as it was before when switching over to DPI, and whether this will be caught by the engine or not.

    Best regards from Germany,

    Philipp Rusch

    New Vision GmbH, Germany
    Sophos Silver-Partner


  • Generally speaking: DPI engine means the firewall will work in the stream-based approach. It will pick up the traffic on port 443 and decrypt it, then leave the decrypted part to the proxy to decide whether it is blocked or not.

    Direct/standard proxy on port 8080 is not DPI engine based traffic. It means the web proxy will pick up the traffic directly, not the DPI engine. It will not leverage the advantages of DPI (decrypting TLS 1.3, performance increase, etc.).


  • By default, DPI is active, so I believe it should!!

    Thanks & Regards,
    Vivek Jagad | Team Lead, Global Support & Services

  • Let me see if I am interpreting this correctly. If you do not have any rules using the web proxy and a user enables the proxy in their browser, the firewall will pass the traffic with no restrictions?
    ian

    XG115W - v19.5.1 mr-1 - Home


  • No. Without a rule, it will not be allowed. It is about the way to interact with the proxy. 
