Transparent Proxy Load

What is a Transparent Proxy?

A Transparent proxy is a server that sits between your computer and the Internet and redirects your requests and responses without modifying them. Transparent proxy does not need any configuration on the client side (outside of the SSL certificate being present and trusted.)

Why does Transparent Proxy add load to the Rocket?

The Transparent proxy works by transferring SSL traffic over the bridge and then passing it to the management NIC where it is handed to our proxy process, where it is inspected and returned to the client if the request is allowed. This involves multiple processes such as policy and ident services. These services process each use between 2 and 4 thread processes by default, depending on the hardware. Thus using Transparent proxy increases CPU usage and traffic on the bridge.

How to know how close to capacity your Rocket is running / How to decide if you should turn it on?

The answer to this varies greatly based on the Rocket hardware and amount of sessions/clients that are already connected to the Rocket. Turning on Transparent proxy will technically increase the requests that traverse the bridge of the Rocket on their way to the management NIC. Thus, the best measurement for on-network traffic would be the amount of sessions that are active consistently on the box. This is shown on the Rocket Dashboard if you hover over the Requests field.

Ex: In the following example, there are 154 active sessions.


Sessions tend to cause a bottleneck rather than function as a pipeline when it comes to proxy. Turning on Transparent proxy can up to double this number.

Note: Transparent Proxy requires the inline Rocket to have both the Traffic Bridge and Web Filter roles enabled.