Hi,

Hope you are doing well.

In your MWG you configure your filtering policies / authentication rule etc etc.

Their are verious deployment method in which MWG can be deployed in your network like explicit proxy mode , Proxy HA mode , transparent mode etc.

For example :- If you have configured your MWG in explicit proxy mode , then you will need to enter proxy details in your users machine, which could be either manually , or pushed through GPO, proxy PAC. Usage etc.

then their is MCP software which is installed in user machine and takes care of redirection part of traffic to the configured proxy servers and thus eliminating the need of getting the proxy server details in browsers configured.

By default MCP redirects traffic destined for ports 80,443 to the configured proxy servers for filtering.

say if endpoints are being managed by EPO, then you can get this MCP software pushed through it to users machine for installation.

you can also get cloud subscription, so when user is not connected to corporate network and is outside , his traffic can be redirected to cloud proxy for filtering.

You can have an hybrid setup, wherein policy configured on  in house MWG is synchronised with cloud proxy.

In your MCP Policy , you can configure always redirecting and in proxy server list , add maybe 2 proxy servers , one being on prem MWG details on top and second being cloud proxy details .

So when user is in corporate network his traffic is being routed through on prem MWG and when user is outside corporate network his traffic is being redirected to cloud proxy.

You can take a look at our MWG best practices guide in order to know more about MWG and its features .

Regards

Alok Sarda