Reducing DNS lookups
If you are running Content Gateway in transparent proxy mode, you can enable the Always Query Destination option to reduce the number of DNS lookups and improve response time. When enabled, the Always Query Destination option configures the proxy to always obtain the original destination IP address of incoming requests from the ARM. Content Gateway then uses that IP address to determine the origin server instead of doing a DNS lookup on the hostname of the request. Because the client already performed a DNS lookup, Content Gateway does not have to.
When Always Query Destination is enabled, the value defined for the variable proxy.config.arm.use_hostname_for_wisp_and_reporting determines whether IP address or hostname is captured for reporting purposes.
It is recommended that you do not enable the Always Query Destination option if Content Gateway is running in both explicit and transparent proxy mode. In explicit proxy mode, the client does not perform a DNS lookup on the hostname of the origin server, so the proxy must perform a DNS lookup.
Also, the category lookup is performed based on the IP address, which is not always as accurate as a URL-based lookup.
In addition, do not enable the Always Query Destination option if you want domain names, rather than IP addresses, in Forcepoint Web Security transaction logs.