6 Replies Latest reply: May 9, 2013 2:01 PM by sliedl RSS

    Sidewinder as a reverse proxy


      Hi All,


      Please advise if Sidewinder can be used as a reverse proxy, if it's not the case, is there any plan to add this feature to the firewall in the near future?

        • 1. Re: Sidewinder as a reverse proxy

          You'll probably get a more authoratitive answer from one of the McAfee guys on this forum, but I guess it depends what you mean by reverse proxy.


          If you are speaking about caching, then I don't think so. The Squid caching proxy service was retired when version 7 came out.


          But, the HTTP and HTTPS services are sill transparent proxies in essence - because there is no direct contact between the client and the server. If you use these services in an inbound rule you will ensure that the traffic using this rule adheres to the appropriate protocol standard and you can apply an application defense definition to the rule which will allow you to govern exactly how the protocol behaves. So if there's anything, which is otherwise legitimate within the protocol, which you don't want external users to do, you can configure the application defense in such a way that these elements are disabled.



          • 2. Re: Sidewinder as a reverse proxy

            Hi Phil,


            one customer of ours if planning to replace their end of life TMG. and i was wondering if Sidewinder is the right candidate for replacement.

            what i mean by reverse proxy here is to terminate incoming connections to webservers, SSL offloading, basic load balancing, etc..

            I have heard and read that Palo Alto can act as a reverse proxy, it can even act as an SSL vpn gateway.


            Thank you.

            • 3. Re: Sidewinder as a reverse proxy

              fdamien, I don´t really know the answer about McAfee Firewall but I think the right solution for your customer is McAfee Web Gateway. It works as reverse proxy and it is an oportunity to spread the offer to your customer, the account manager will love you for sure



              • 4. Re: Sidewinder as a reverse proxy

                can MWG publish applications such as OWA over the internet?

                • 6. Re: Sidewinder as a reverse proxy

                  The firewall can terminate incoming connections to webservers, it can do SSL-offloading, it has basic load-sharing (not balancing).


                  I imagine by 'reverse proxy' you mean a proxy for external connections to come inbound (vs. proxying outbound connections).  If so, yes, the firewall is a reverse proxy.