Example: redirecting traffic to the Internet to a proxy service

The example company has decided to screen out non-work-related connections using a proxy service. The company can screen the HTTP and HTTPS connections that employees open to the Internet.

The Proxy Server acts as a proxy for these connections. The administrators have already installed the proxy on premises and configured it to process HTTP and HTTPS traffic according to the company’s policy.

To configure the redirection, the administrators:

  1. Create a Proxy Server element to represent their proxy service.
  2. Create a custom Service element for both HTTP and HTTPS (HTTP-PROXY-Redirect and HTTPS-PROXY-Redirect) that refer to the Protocol Agents for those protocols.
  3. Add the reference to the Proxy Server to the Protocol Agent parameters in the Service properties.
  4. Create the Access rules that redirect connections to the proxy service, and the connections that the proxy service then opens to the Internet or any other destination.
    ID Source Destination Service Action
    14.1 Internal Network element ANY HTTP-PROXY-Redirect Allow
    14.2 Proxy Server element ANY HTTP Allow
    14.3 Internal Network element ANY HTTPS-PROXY-Redirect Allow
    14.4 Proxy Server element ANY HTTPS Allow
    Connections opened from the corporate LAN are redirected to the proxy in rules 14.1 and 14.3. The proxy then connects to the actual destination, which is allowed in rules 14.2 and 14.4.