Web Proxy for Cloud-Managed Firewalls
You can now configure a web proxy for your cloud-managed firewalls.
This interface includes an in-app proxy auto-configuration (PAC) file
editor so that you can edit your proxy settings and modify your PAC file all in one
place whenever network changes arise.
The web proxy supports two methods for routing traffic:
- For the explicit proxy method, the request
contains the destination IP address of the configured proxy and the client
browser sends requests to the proxy directly. You can use one of following
methods to authenticate users with the explicit proxy:
Kerberos, which requires a web proxy license.
SAML 2.0, which requires a Prisma Access license and the
add-on web proxy license.
- For the transparent proxy method, the request
contains the destination IP address of the web server and the proxy
transparently intercepts the client request (either by being in-line or by
traffic steering). There is no client configuration and Panorama is optional.
Transparent proxy requires a loopback interface, User-ID configuration in the
proxy zone, and specific Destination NAT (DNAT) rules, which you can configure
using Transparent Proxy Rules in Strata Cloud Manager. Transparent proxy does
not support X-Authenticated Users (XAU) or Web Cache Communications Protocol
(WCCP).
You can push web proxy configurations to the following platforms:
