Forwarding Service Object¶
Forwarding Service Objects are used in the Forwarding rules. The traffic that matches this type of rule/service is not proxied, and is forwarded as-is. This means there is no deep packet inspection and no Application ID on encrypted traffic. It's recommended to use this for East-West traffic.
Application IDs can be configured as an additional match for traffic. The Application ID can be the Client Application ID (Chrome, Firefox) or the Service Application ID (MySQL, Google etc)
Add Forwarding Service¶
- Navigate to Manage -> Security Policies -> Services
- Click Create
- Click Forwarding
- Provide a name and description
- Optionally select the Application IDs to match
- Configure proxy parameters as defined below
Option | description |
---|---|
Dst Port | Assign a destination port. For most web-based services, the destination port will be 443. |
Protocol | TCP or UDP |
Tech Notes
IPS, Application ID and other features operate only on non-encrypted traffic.