Redirecting traffic configuration overview

Use custom Service elements to redirect FTP, SMTP, HTTP, and HTTPS traffic to a proxy service, such as Forcepoint Web Security Cloud, for inspection.

Figure: Elements in the configuration

You must create a custom Service element and a Proxy Server element. The Protocol Agent element that you attach to the Service determines the protocol of the traffic that you redirect. The Service element contains a parameter that defines to which Proxy Server the traffic is redirected. Use the Service in Access rules in the Firewall Policy to select the traffic to be redirected. If you have more than one proxy service available, you can create different Services to represent each proxy service.

NAT is automatically applied to the communication between the client and the destination server, including reply packets. In some network topologies, however, you might need to manually define address translation in the properties of the custom Service element.

Follow these general steps to configure redirection of the traffic:

1. Create the Proxy Server element that represents the proxy service.
2. Create a custom Service element that references the Proxy Server element.
3. Define the Access rules that select traffic for redirection.