All Products
Search
Document Center

Cloud Firewall:Disable proxies

Last Updated:Jun 20, 2024

A proxy is a special network service that allows a client to indirectly connect to another client. A proxy can be used to bypass existing network detection.

Impacts

  • Unauthorized operations performed by an employee of an enterprise

    Proxies can be used to forward data of an enterprise to evade detection by intrusion prevention rules, access control policies, and threat intelligence rules.

  • Attacks

    Proxies can be used to forward traffic over internal networks. This way, attackers can detect internal networks and intrude into the internal networks.

  • Spreading of worms and trojans

    Proxies can be used by worms and trojans to evade detection by intrusion prevention rules, access control policies, and threat intelligence rules.

Operations in the Cloud Firewall console

The rules that you can use to disable operations such as the SOCKS5 proxy-related operations are in Monitor mode. If you want to disable SOCKS5 communication in the cloud, you can log on to the Cloud Firewall console, choose Prevention Configuration > IPS Configuration, and click Customize in the Basic Protection section. In the Customize Basic Protection Policies dialog box, change the mode of some or all related rules to Block. This prevents or minimizes the preceding impacts in an efficient manner.