Overview

McAfee® Client Proxy software helps protect your endpoint users from security threats that arise when they access the web from inside or outside your network.

The software, which is installed on endpoints running Microsoft Windows, Mac OS X, or macOS, redirects web requests or allows them to continue to a proxy for filtering.

Web Protection hybrid solution

Client Proxy is an essential component of the McAfee® Web Protection hybrid solution. This solution allows you to integrate the network-based and cloud-based security functions provided by McAfee® Web Gateway and McAfee® Web Gateway Cloud Service (McAfee® WGCS), respectively.

The Client Proxy software allows or redirects web traffic depending on the location of the endpoint:

  • Endpoints located inside the network or connected by VPN — Traffic is allowed to continue to a Web Gateway appliance installed on the network for filtering.
  • Endpoints located outside the network — Traffic is redirected to McAfee WGCS for filtering.

Integration with Endpoint Security

When deploying Client Proxy with McAfee® Endpoint Security on the endpoints, you install and manage each product separately using McAfee® ePolicy Orchestrator® (McAfee® ePO™) .

  • Client Proxy administrators — Configure policies and run tasks as usual.
  • Endpoint Security administrators — Have the option of configuring McAfee® Endpoint Security Web Control so that it is disabled while Client Proxy is installed and actively redirecting web traffic.

On endpoints running Windows, you can view whether Client Proxy is installed and running on the endpoint and actively redirecting traffic by opening the About McAfee Client Proxy window from the Start menu.

Client Proxy metadata

When Client Proxy redirects HTTP/HTTPS traffic, it adds metadata to the requests. Other products, such as Web Gateway and McAfee WGCS, use the metadata (for example, group membership) when applying security policies.

  • Authentication tokens
  • Authentication version
  • Customer ID
  • User ID
  • User groups
  • Client IP address
  • Original destination IP address

Note: The authentication version is the version of the metadata that Client Proxy shares.