Which type of authentication mode should be used for specific proxy deployments?