There are two ways to exclude traffic from the web proxy. The first method involves the traffic flowing through the web proxy but using web exceptions so no HTTPS scanning, policy checks, or antivirus is applied. Some features like SafeSearch, pharming protection and HTTP protocol compliance that are still enforced. This method is recommended because it maintains the logic of all web traffic flowing through the proxy and continues to log and report. The exception method works in both Standard and Transparent mode.
The second method is to use firewall rules based on the source or destination that will cause the proxy to be bypassed entirely. The HTTP/HTTPS stream will be completely unaffected, and there will be no logging or reporting. This method works only in Transparent mode and is similar to Sophos UTM's transparent mode skiplist. The following sections are covered:
Applies to the following Sophos products and versions Sophos Firewall
Here are examples of different types of Web exceptions that can be used to bypass the web proxy's scanning.
To create a web exception to exclude all traffic to a particular website from scanning:
To create a web exception to exclude all traffic from an internal device from scanning:
Here are examples of different types of firewall rules that can be used to bypass the web proxy's scanning.
To create a firewall rule to exclude a website from the web proxy:
To create a firewall rule to exclude an internal device from the web proxy:
If you've spotted an error or would like to provide feedback on this article, please use the section below to rate and comment on the article. This is invaluable to us to ensure that we continually strive to give our customers the best information possible.
Every comment submitted here is read (by a human) but we do not reply to specific technical questions. For technical support post a question to the community. Or click here for new feature/product improvements. Alternatively for paid/licensed products open a support ticket.