Background

Because of the way some sites package content or use (or misuse) the HTTP/HTTPS protocols, those sites have difficulty transiting Content Gateway (and most other proxy servers).

When access to those sites is required, Content Gateway provides several ways to specify sites that will bypass the proxy, including static and dynamic bypass rules, and, when HTTPS is enabled, SSL Incident rules.

In addition, depending on how Content Gateway is deployed in the network, sites can be bypassed with a PAC file entry (explicit proxy deployments with most Windows clients), or via the Access Control List (ACL) on the router or switch (transparent proxy deployments).

In addition, sites that host applications that do not properly negotiate proxy user authentication are also a problem. When use of those applications is a requirement, it is possible to create a proxy filtering rule that identifies the application through the User-Agent field of the HTTP header and allows the application to bypass user authentication.

For more about bypass rules, see Interception Bypass in Content Gateway Manager Help.

For more about SSL incident rules, see Managing HTTPS website access in Content Gateway Manager Help.

For more about bypassing a site using a PAC file, see How do I specify in a PAC file a URL that will bypass Content Gateway?

See your router or switch documentation for information about ACLs.