Proxy bypass

Proxy bypass sites are destinations that users can access either directly, or through an alternate (third-party) proxy, without going through the cloud service. For example, organizational webmail sites and system traffic, like Microsoft and antivirus updates, should be added to the bypass list.

  • For users with the Neo or Direct Connect endpoint, bypass destinations are not analyzed by the cloud service.
  • For users whose traffic is sent to the cloud service via PAC file, including users of the Proxy Connect endpoint, bypass destinations are added to the policy PAC file.
    • By default, the PAC file excludes all non-routable and multicast IP address ranges; so if you are using private IP address ranges defined in RFC 1918 or RFC 3330, you need not enter these.
    • Browsers configured to use the policy’s PAC file automatically use the cloud service, but bypass it for the specified destinations.

Any destinations that you add to the Proxy Bypass table apply only to the selected policy. To add bypass destinations that apply to all policies, use Proxy Bypass tab of the Web > Settings > Bypass Settings page.

To define bypass destinations:

Steps

  1. Click Add under the Proxy Bypass table.
  2. In the Add Proxy Bypass dialog box, enter a unique Name and helpful Description for the destination.
  3. Specify the destination Type, then enter the Address (single IP address), Subnet, or Domain.
  4. If traffic to the specified destination is managed by a third-party proxy, mark the Send traffic to another proxy check box, then enter the proxy IP address or hostname in the field provided.
    Important: The alternate proxy specified here must not be another Forcepoint proxy.
  5. Use the optional Comment box to add helpful information, such as why the entry was created.
  6. Click Continue to save your changes and return to the Connections page.
    Note: You can add a total of 1000 proxy bypass destinations per policy. Account-level bypass destinations (added via Web > Proxy Bypass) count towards this limit for each policy. For example, if your policy has 10 bypass destinations, and you have 10 account-level bypass destinations, this is counted as a total of 20 destinations for the policy.