Access Method: Proxy Forwarding
The default forwarding policy will forward all internet traffic the Cloud SWG
This article explains how to send requests to specific destinations DIRECT from the local ProxySG (and bypass the Cloud SWG).
The default Cloud SWG forwarding policy should be modified to prevent the local ProxySG from forwarding specific traffic to the Cloud SWG
The following section should be modified to send specific domains to go DIRECT from local ProxySG (and bypass Cloud SWG):
(Destinations should be added into the following two definitions):
define condition BC_Cloud_Proxy_Bypass_List
url.host.is_private=yes ; internal traffic
; Add any other public IPs that are not to route to the Web Security Service
url.domain=portal.threatpulse.com; threatpulse portal
url.domain=bluecoat.com ; style sheets
end
define condition BC_Cloud_Forward_Bypass_List
server_url.host.is_private=yes ; internal traffic
health_check=yes ; Normally, don't forward health checks
; And any other additions required to keep it in line
; with the above BC_Cloud_Proxy_Bypass_List
server_url.domain=portal.threatpulse.com; threatpulse portal
end
For example, the definition will look like this if traffic to "bluecoat.com" should go DIRECT from local proxy:
define condition BC_Cloud_Proxy_Bypass_List
url.host.is_private=yes ; internal traffic
; Add any other public IPs that are not to route to the Web Security Service
url.domain=portal.threatpulse.com; threatpulse portal
url.domain=bluecoat.com ; style sheets
url.domain=bluecoat.com
end
define condition BC_Cloud_Forward_Bypass_List
server_url.host.is_private=yes ; internal traffic
health_check=yes ; Normally, don't forward health checks
; And any other additions required to keep it in line
; with the above BC_Cloud_Proxy_Bypass_List
server_url.domain=portal.threatpulse.com; threatpulse portal
server_url.domain=bluecoat.com
end