Transparent interception with WCCP v2 devices

Content Gateway supports transparent interception with WCCP v2-enabled routers and switches.

HTTP, HTTPS, FTP, and DNS protocols are supported. Default ARM redirection rules are included for HTTP, HTTPS, and FTP communicating on standard ports.

Important: The network clients, Content Gateway proxy servers, and destination web servers (default gateway) must reside on separate subnets.

WCCP v2 interception works as follows:

  1. WCCP v2 devices send HTTP, HTTPS, FTP, and DNS traffic, per the configuration of the service group, to the proxy server or cluster of servers.
  2. The ARM redirects traffic. For example, HTTP traffic on port 80 is redirected to Content Gateway port 8080.
  3. The proxy processes the request as usual, sending the response back to the client.
  4. The ARM redirects packets to the client. As a result, the user sees the response as if it had been sent directly from the origin server.