Skip to content

Valtix Documentation

Valtix Home
User Guide
User Guide
- Overview
- Cloud Provider Setup
  Cloud Provider Setup
  - AWS
    AWS
    
    Overview
    
    Cloud Formation
    
    Route53 Logging
    
    VPC Flow Logs
    
    Tech Notes
    Tech Notes
    
    IAM Roles
    
    Discovery Features
    
    VPC Setup
  - Azure
    Azure
    
    Overview
    
    AD Application
    
    Custom Role
    
    Marketplace Terms
    
    User Assigned Identity
    
    VNet Setup
  - GCP
    GCP
    
    Overview
    
    Enable API
    
    Service Accounts
    
    VPC Setup
- Cloud Account
  Cloud Account
  - AWS
  - Azure
  - GCP
- Inventory & Security Insights
  Inventory & Security Insights
- Discovery
  Discovery
- Security Gateways
  Security Gateways
  - Overview
  - AWS
    AWS
    
    Edge/VPC Mode
    Edge/VPC Mode
    
    Ingress
    
    Egress
    
    East-West
    
    Hub Mode using Transit Gateway
    Hub Mode using Transit Gateway
    
    Service VPCs
    Service VPCs
    
    Manage Service VPCs
    
    Manage Spoke VPCs
    
    Ingress
    
    Egress
    
    East-West
  - Azure
    Azure
    
    Ingress
    
    Egress
    
    East-West
    
    Service VNet
  - GCP
    GCP
    
    Ingress
    
    Egress
- Address & Service Objects
  Address & Service Objects
  - Address Objects
  - Ingress Service (Reverse Proxy)
  - Egress Service (Forward Proxy)
  - Forwarding Service Forwarding Service
    Table of contents
    
    Add Forwarding Service
  - Application ID
- Security Policy
  Security Policy
  - Ruleset
  - Rules
- TLS and Decryption
  TLS and Decryption
  - Certificates & Keys
  - Decryption
  - Tech Notes
    Tech Notes
    
    Azure Key Vault
    
    AWS KMS
    
    Self-Signed Certificates
- Network Threats
  Network Threats
- WAF and Application Threats
  WAF and Application Threats
  - WAF (Web Application Firewall)
  - L7 DoS (L7 Denial of Service)
- FQDN and URL Filtering
  FQDN and URL Filtering
  - FQDN
  - URL
- Packet Capture
  Packet Capture
  - Packet Capture
- Investigate & Analysis
  Investigate & Analysis
  - System Status
    System Status
    
    Audit Logs
    
    System Logs
  - Flow Analytics
    Flow Analytics
    
    Overview
    
    All Events
    
    Flow Logs
    
    Firewall Events
    
    Network Threats
    
    Web Attacks
    
    HTTPS Logs
    
    URL Filtering
    
    FQDN Filtering
    
    Session Summary
    
    Traffic Summary
  - Network Analytics
    Network Analytics
    
    Stats
- Alerts & Notification
  Alerts & Notification
  - Overview
  - ServiceNow
  - Pagerduty
  - Slack
- Log Forwarding
  Log Forwarding
  - Splunk
  - Datadog
  - Syslog
  - GCP Logging
- Users & Settings
  Users & Settings
AWS Tutorials
AWS Tutorials
- Egress - Hub (Centralized)
  Egress - Hub (Centralized)
FAQ
FAQ
- FAQ
Release Notes
Release Notes

Forwarding Service Object¶

Forwarding Service Objects are used in the Forwarding rules. The traffic that matches this type of rule/service is not proxied, and is forwarded as-is. This means there is no deep packet inspection and no Application ID on encrypted traffic. It's recommended to use this for East-West traffic.

Application IDs can be configured as an additional match for traffic. The Application ID can be the Client Application ID (Chrome, Firefox) or the Service Application ID (MySQL, Google etc)

Add Forwarding Service¶

Navigate to Manage -> Security Policies -> Services
Click Create
Click Forwarding
Provide a name and description
Optionally select the Application IDs to match
Configure proxy parameters as defined below

Option	description
Dst Port	Assign a destination port. For most web-based services, the destination port will be 443.
Protocol	TCP or UDP

Tech Notes

IPS, Application ID and other features operate only on non-encrypted traffic.