Guest User!

You are not Sophos Staff.

Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 9 replies
  • Answers 1 answer
  • Subscribers 30 subscribers
  • Views 2058 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Web Proxy vs DPI

Madni Malik

hi,
if in firewall rule i use DPI instead of web proxy then if user configure proxy in his browser then that will also go through DPI or via web proxy???
please advise.



This thread was automatically locked due to age.
Parents
  • 0

    Generally Speaking: DPI Engine means, the firewall will work in the Stream based approach. It will pickup the traffic on Port 443 and decrypt it. Leave the decrypted part to the proxy to decide, if blocked or not.

    Direct/Standard Proxy on Port 8080 is not a DPI Engine based traffic. It means, the web proxy directly will pick up the traffic, not the DPI Engine. It will not leverage on the advantages of DPI (Decrypt TLS1.3, performance increase etc.). 

    __________________________________________________________________________________________________________________

  • 0 in reply to LuCar Toni

    Let me see if I am interpreting this correctly? If you do not have any rules using the web proxy and a user enables the proxy in their browser the firewall will pass the traffic with no restrictions?
    ian

    XG115W - v19.5.1 mr-1 - Home

    If a post solves your question please use the 'Verify Answer' button.

  • 0 in reply to rfcat_vk

    No. Without a rule, it will not be allowed. It is about the way to interact with the proxy. 

    __________________________________________________________________________________________________________________

Reply Children
No Data
Unfiltered HTML