Introduction

The transparent proxy option enables Content Gateway to respond to client Internet requests without requiring users to reconfigure their browsers. It does this by redirecting the request flow to the proxy after the traffic has been intercepted, typically by a Layer 4 (L4) switch or router.

In a transparent proxy deployment:

  1. The proxy intercepts client requests to origin servers via a switch or router. See Transparent interception strategies.
  2. The Adaptive Redirection Module (ARM) intercepts incoming packets and redirects them to the proxy. (The ARM is always enabled.)
  3. The proxy receives and begins processing the intercepted client requests. The proxy retrieves the object from the origin server and serves it to the client.
    Important: For transparent proxy configurations with multiple interfaces or gateways, Content Gateway must have proper routes to clients and the Internet in the operating system’s routing table.

For HTTP, the proxy can identify problem clients and servers, and the ARM can disable interception for those clients and servers, passing their traffic directly to the origin server. You can also create ARM static bypass rules to exempt clients and servers from being redirected to the proxy. See Interception bypass.