I have outlined the major difference between the proxy connect and direct connect.
1) Proxy connect enforces a PAC File, whereas Direct Connect Endpoint does not
– Applications can often struggle when reading PAC Files
– Since Direct Connect Endpoint doesn’t enforce any internet settings, you are free to configure these however you would like.
2) Direct Connect, connects directly to the origin server of the site
– Purple.com resolves to 18.104.22.168
– With Direct Connect endpoint, your PC connects directly to 22.214.171.124 (unless you use a different proxy)
– With proxy connect endpoint, your PC connects to one of our clusters
– Essentially if our clusters all start failing, with direct connect endpoint you won’t be impacted
– No proxy means internet browsing will be quicker with Direct Connect Endpoint
– Proxy Connect Endpoint traffic is intercepted/scanned by the Cloud Proxy
– With Direct Connect Endpoint once the traffic is received, it is uploaded to the disposition server to scan, so, it’s normally quicker, with sites we scan it could technically become slightly slower
4) Fewer issues
– Direct Connect Endpoint means you won’t come across some of the more disruptive issues which sometimes can occur with proxy connect such as:
Authentication Pop-ups, Websites blocking our clusters (this does happen!)
With proxy connect you have to enter the egress ip of the location you are at in order for you to get your credentials.
Direct connect will connect to the cloud all the time, and therefore will not need to connect to any proxy.
|2.||In the second scenario, a web request via the Direct Connect endpoint consists of two stages:|
|a.||The endpoint connects to the cloud service to look up the user’s policy settings for the requested site.|
|b.||If the request is permitted, the client then redirects the request directly to the Internet. (If the request is blocked, the user is redirected to a block page.)|