A proxy is a special network service that allows a client to indirectly connect to another client. A proxy can be used to bypass existing network detection.
Impacts
Unauthorized operations performed by an employee of an enterprise
Proxies can be used to forward data of an enterprise to evade detection by intrusion prevention rules, access control policies, and threat intelligence rules.
Attacks
Proxies can be used to forward traffic over internal networks. This way, attackers can detect internal networks and intrude into the internal networks.
Spreading of worms and trojans
Proxies can be used by worms and trojans to evade detection by intrusion prevention rules, access control policies, and threat intelligence rules.
Operations in the Cloud Firewall console
The rules that you can use to disable operations such as the SOCKS5 proxy-related operations are in Monitor mode. If you want to disable SOCKS5 communication in the cloud, you can log on to the Cloud Firewall console, choose , and click Customize in the Basic Protection section. In the Customize Basic Protection Policies dialog box, change the mode of some or all related rules to Block. This prevents or minimizes the preceding impacts in an efficient manner.