Proxy Chain to Explicit Proxy Exclusions - Trial Cloud

When a user device with the SmartEdge agent 2.1.0 or higher version comes to the Explicit Proxy configured Site (branch office), then the Cloud SWG Explicit Proxy and the SmartEdge agent interoperate based on Agent Override Settings.

You must bypass the following domains on your firewall for the Agent Proxy Chain configuration to work correctly while using SmartEdge Agent 2.1.0 or higher version with Cloud SWG Explicit Proxy.

Non-Tunnel Traffic

Domains Description
portal.us.bitglass.net Configurations
kinesis.us-west-2.amazonaws.com Agent Logging
direct.smartedgehealth.com Agent Health check

On Port 80 and 443

cv.us.bitglass.net Agent Configuration
smartedge-agent-svcs-apigw.us.bitglass.net Agent Override settings
a1bettfbvtfzb-ats.iot.us-east-1.amazonaws.com Agent Tray IOT Notifications
ztnarouter.us.bitglass.net ZTNA
ztnahaproxy-us-east-1b-bank2.us.bitglass.net ZTNA
smartedge-agent-svcs-apigw.us.bitglass.net Explicit Proxy Configuration
d37yfo23sufcv1.cloudfront.net Explicit Proxy PAC file
<tenant name>.swg.forcepoint.io Cloud SWG Explicit Proxy address

On Port 8081

<tenant name>--us-trial.rbi.poc.forcepoint.net RBI
  • All domains going direct in the Agent PAC File URL
  • All domains going direct in the Explicit Proxy PAC File
All bypassed domains in Agent and Explicit Proxy PAC files

All Domains

Domains Description
d15k2t0pexu7d5.cloudfront.net Web Reputation Lookup
d37yfo23sufcv1.cloudfront.net Explicit Proxy PAC file
proxy.smartedgehealth.com Agent Health check

On Port 80 and 443

<dashified domain>-<ID>.ztna.us.bitglass.net Agentless ZTNA
www.us.bitglass.net Dataplane session