How to setup a global transparent proxy in mobile devices?
Using the Codeproof Platform, The MDM/EMM Administrator can centrally configure global proxy & iptables(transparent proxy) on all the Samsung, LG and Supervised Apple devices.
Global Proxy Policy:
Using global proxy policy, all the HTTP and HTTPS traffic can be redirected to a port on a proxy server. Normally global proxy is used by pre-loaded browsers, but may not be used by other custom applications. Applications that need to open a http/https connection must check and use this given proxy configuration.
Proxy configurations are simple. Administrator can remotely set the configurations such as Proxy Server Address, Port and Proxy exclusion address list at the group level once. Then all the devices will use proxy server for the network communications no matter what WiFi or cellular network they use. See below image illustration.
Proxy Server: IP Address of a transparent HTTP proxy server
Proxy Port: Port number of a transparent HTTP proxy server
Proxy exclusions: Hostname or Ip address that will not use global proxy server configuration . For example, To exclude www.codeproof.com and blog.codeproof.com, you can use exclusion filter *.codeproof.com
IpTables Proxy Policy:
IpTables proxy configuration policy enables transparent HTTP proxy using port 80 redirection. All the traffic originally targeted to port 80 will be redirected to this proxy server.
IpTables Proxy Server: IP Address of a transparent HTTP proxy server
IpTables Proxy Port: Port number of a transparent HTTP proxy server
IpTables proxy exclusions: An administrator can add redirect exception rules on iptables. Redirect exception rules take precedence over proxy rules and reroute rules
“126.96.36.199:80” (Redirect exception to IP 188.8.131.52 on port 80)
“184.108.40.206:*” (Redirect exception to IP 220.127.116.11 on all ports)
“18.104.22.168-22.214.171.124:80” (Redirect exception for IP range 126.96.36.199-188.8.131.52 on port 80)
See below the policy configuration UI in the console.
- Login to Admin Cloud Console here
- Go to Policy Manager from the top menu
- Select a device or a group of devices ( such as “Samsung Devices”)
- On the right side, select “Samsung Security” and then select “Networking” tab
- Enter the proxy server name or IP address.
- Enter the proxy server port number
- Enter the proxy exclusion server if any
- Hit “Save” button below to save the settings
- Now all the devices in the “Samsung Devices” group will connect the specified proxy server
- See below image illustrations.
KEYWORDS: Mobile Device Management (MDM), Global Proxy, HTTP Proxy, Global Firewall, BYOD.