Introduction

Proxy chaining involves connecting two (or more) proxies together, with one proxy forwarding traffic to another. This configuration may be used if you have an existing proxy in your network that you wish to connect to Forcepoint Web Security Cloud. In this scenario, you can leave users’ browser settings unchanged and configure your existing proxy to forward all HTTP, HTTPS, and FTP requests to Forcepoint Web Security Cloud.

If your proxy is capable of using a PAC file, use the one provided in the Forcepoint Cloud Security Gateway Portal, also referred to as the cloud portal.

This is ideal, because the Forcepoint Web Security Cloud PAC file changes automatically based on your policy settings.
Otherwise, download a copy of the PAC file and duplicate its functionality within in your proxy configuration.

In this case, you may have to make manual changes to your proxy configuration when your policy settings change.

Forcepoint Web Security Cloud has been tested with a number of commercially available proxies in chained proxy configuration. This document provides basic configuration instructions for the following third-party proxies, which have been tested and validated for use with the service:

Microsoft ISA Server or Forefront TMG
Blue Coat ProxySG
Squid Proxy

Note: Proxy chaining is not applicable if you are deploying Forcepoint Web Security Cloud with an I Series appliance.