Proxy-Auto Configuration (PAC) is a JavaScript function that determines whether web browser requests (HTTP, HTTPS, and FTP) go directly to the destination or are forwarded to a web proxy server. The JavaScript function contained in a PAC file returns a string with one or more access method specifications, causing the user agent to either connect directly or use a specific proxy server.  

Downside to PAC Files

According to Fraudwatch, the risks of using PAC files include:  

  • Many possible conditions (raw JavaScript code) 
  • Not very user friendly but commonly used for iOS 
  • Known security concerns related to PAC files 
  • Potential for malicious redirection that could compromise user information (malware/phishing) 
  • Rely on inline/in-network filtering technologies, which can have scaling issues 
  • Proxies slow things down (cause latency) 

What do we suggest instead?

  • iOS Loopback filter is one specific variation of our client filter for iOS 
  • The iOS loopback filter is a system level filter that uses the MacOS API (Application Programming Interface) to create an app-proxy on the loopback interface 
  • Our approach is proprietary and patented  
  • Netsweeper can use all these technologies however, primarily, for education we recommend client filter for the fullest feature experience that satisfies most requirements 

Why is it Better?

  • All filtering and decryption are done on device offloading some of the workload 
  • The actual request/response between the client and the policy server is extremely lightweight and therefore highly scalable as we only transfer the header information
  • Allows us to decrypt all traffic (system level) on the device, not just browser traffic 
  • Much less perceived slow down “latency”  

Book a demo with one of our solution experts to see how Netsweeper can help you!