Yes, I have experience using it. Anything in question in particular?
WCCP redirects users to a caching appliance of some sort. There are several appliances that support it, like web filtering appliances, caching, proxy servers, etc. The general idea is that a user tries to go to a website and that request is intercepted. Once it's intercepted, say for instance on a switch's L3 SVI, it will redirect to the caching server. The caching server can check credentials etc. You can specify who is redirected, what protocols are redirected, etc.
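As an added illustration (not part of the original thread), this is roughly what that interception looks like in Cisco IOS on a switch SVI, limited to one user subnet and to HTTP. The VLAN number, all addresses, and the ACL numbers are constructed for the example, and it assumes an appliance that actually speaks WCCP.

```cisco
! Constructed example: user VLAN 20 is 10.10.20.0/24,
! the WCCP-capable web filter/cache sits at 10.10.50.10 on another VLAN.

! Group-list: only this appliance may register as a cache engine.
access-list 10 permit 10.10.50.10

! Redirect-list: who and what gets redirected.
! Here: HTTP (TCP/80) sourced from the user subnet only.
access-list 110 permit tcp 10.10.20.0 0.0.0.255 any eq www

! Enable the standard web-cache service (TCP port 80) with both lists.
ip wccp web-cache redirect-list 110 group-list 10

! Intercept on the L3 SVI where user traffic enters the switch.
interface Vlan20
 ip address 10.10.20.1 255.255.255.0
 ip wccp web-cache redirect in

! Verification from exec mode:
!   show ip wccp web-cache detail
!   show ip wccp
```

If no appliance has registered, the switch forwards the traffic normally instead of redirecting it, so WCCP on its own does not block direct port 80 access; that still has to be enforced at the firewall.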
Some of our users are able to bypass the firewall by changing the proxy settings in Internet Explorer. I want all port 80 traffic to go through the firewall. We have mainly 3560 switches and 4948 core switches at the data centre. We have managed routers at each site that connect to MPLS.
Any help would be appreciated.
Are you trying to redirect your users to your firewall as they come into the switch and not to a caching appliance? Edison may be better versed to answer this question, but I don't believe that can be done. The better solution may be that if you only allow IE to be used on your network, control IE settings by GPO and that way the users can't change settings.
A GPO is not possible at the minute due to the amount of different domains etc.
It can through a web filter. I don't understand how to redirect it towards it.
You can look into PBR for this traffic. As John stated, WCCP is intended as a redirector for Web Caching Engines and the FW isn't it.
So I could forward it to the proxy and that would work? The proxy is a Microsoft ISA 2006 and then filter port 80 at the firewall.
Your proxy needs to be able to support WCCP as a protocol in order for it to work. According to the MS site, it doesn't support it:
Problem: The Web Cache Communication Protocol (WCCP) and the Internet Cache Protocol (ICP) are not supported in ISA Server.
Solution: No workaround.
Can you provide a diagram of how users are getting around your firewall?