2 Replies Latest reply on May 31, 2013 3:33 PM by phlrnnr

    MWG Proxy vs. Transparent Bridging vs. Transparent Routing

      First and foremost, I apologize that this is a newbie question.

       

      We currently have Websense and are looking at potential replacements.  McAfee Web Gateway appears to have everything we want but I have three questions:

       

      1. If MWG is in Proxy mode, then clients need a Proxy.PAC file deployed for them to access it.  That's not the case with Transparent Bridging and Routing mode, correct?

      2. Do we lose any functionality in either of the Transparent modes compared to MWG proxy?

      3. Is there a cloud-based version of any of these such that some of our smaller offices wouldn't need an appliance?

       

      Thank you in advance for putting up with my questions!

       

      Jeremy Shelley

        • 1. Re: MWG Proxy vs. Transparent Bridging vs. Transparent Routing

          1) correct

          2) not sure which functionality is lost, but the authentication is handled differently, see the following post for more info https://community.mcafee.com/message/164417#164417

          3) there is a cloud-based filtering solution that McAfee offers, but if I'm not mistaken you would either use their McAfee Proxy Agent or point to it via a proxy.pac file

           

          Good luck

           

          Diego

          • 2. Re: MWG Proxy vs. Transparent Bridging vs. Transparent Routing
            phlrnnr

            The cloud service is limited in its capability compared to what the actual Web Gateway solution can do.  If you were to go the cloud route, I would strongly recommend using the McAfee Client Proxy agent to ease authentication to the service.

             

            We are using MWG appliances on premise and the SaaS solution for clients when they are off network.  The McAfee Client Proxy determines if the machine is on or off network, and directs the client to a service accordingly.  When on network, we have the client go to sleep and it uses our standard proxy.pac.  If off network, the MCP re-directs the web based traffic to the cloud service and handles all the authentication so the user / browser doesn't have to worry about the proxy authentication in the cloud.

             

            Message was edited by: phlrnnr on 5/31/13 3:33:42 PM CDT