RED: Webfilter Agent or Module on RED for local web breakout.
Lots of customers love the idea of the Sophos RED, but they are less enthusiastic when they learn about the web filtering limitations.
The remote site must have an Internet connection as this is what the RED uses to connect back to the central SG/XG, but if they use this for direct internet access, they have no web protection features. If they backhaul web traffic to the SG/XG they get web filtering, but waste a lot of bandwidth in the process.
I am suggesting a RED, that allows local breakout, but has a local web filter proxy controlled transparently by the central SG/XG's Web Protection policies as if they were being backhauled.
AdminRich Baldry (Senior Product Manager, Network Security Group, Sophos Features & Ideas Laboratory) commented
We have considered this in the past for RED devices connected to UTMs. Unfortunately RED devices are not generally powerful enough to perform Web Protection tasks locally