Hi,

If a customer has a corporate site where they configure Cloud Explicit Proxy as a steering method and they have clientless devices, such as servers, and the customer wants all traffic to be authenticated, what is the difference between configuring a SAML Forward Proxy account to authenticate this traffic and configuring a Reverse Proxy as a Service on the Netskope tenant? Additionally, which option is the best approach?

If the clientless device is a BYOD from a third-party worker, I assume that the best option would be to use the Reverse Proxy so that they don’t need to change the proxy settings on the device. But what about servers or corporate-managed clientless devices? What kind of authentication method should be used for them, and what are the differences, if any, between these methods?

Thanks! Regards