Sidewinder Proxies and how they work

On Sidewinder firewalls, proxies provide high assurance protocol validation. On Forcepoint NGFW, Sidewinder Proxies are software modules on engines that enable some of the proxy features that are available on Sidewinder.

Note: Not all features supported by proxies on Sidewinder are supported by Sidewinder Proxies on Forcepoint NGFW.

Sidewinder Proxies terminate connections at the firewall, and make separate connections with each of the communicating hosts. Hosts do not communicate with each other directly. Each host communicates only with the Sidewinder Proxy. The proxy does not forward the original packet from one host to the other. Only the data from the original packets is forwarded. For TCP connections, the TCP sequence numbers, ACKs, packet sizes, windows, and other parameters are different on the two sides of the connection.

On Forcepoint NGFW, Sidewinder Proxies are supported for both Firewalls and Virtual Firewalls.