Edge SWG requires Internet access for license validation, databases updates, trust-package updates among other things.

In some isolated environments there may be no way configure direct Internet access for Edge SWG.

To Achieve this Internet access is provided by other next-hop Proxy (Broadcom or other vendor).

This is often referred as proxy chain setup.

• Edge SWG in Isolated environment (No direct Internet access)

Accessing Internet through other Proxy requires Forwarding Host configuration.

Configure Forwarding Host:

• Configure Forwarding Hosts
• For next-hop Proxy working in Explicit mode please select "proxy" Type
• Check  "Use forwarding for administrative downloads" under Forwarding Hosts configuration section

Configure Policy to forward administrative traffic:

• Under VPM Policy editor create new Forwarding Layer
• Specify Destination - for  Administrative traffic this can be  limited to bluecoat.com domain
• Action  - Select "Select Forwarding" and move Forwarding Host configured in above step to "Selected" section
• Apply and save changes

This configuration should direct self-generated administrative traffic (for bluecoat.com domain) of Edge SWG to the next-hop Proxy.