Muhammad_Ashfaq asked:

Users bypassing bluecoat proxy

I have a Bluecoat proxy in my network, and users are bypassing the proxy by using Hotspot Shield, Ultrasurf and other software of this kind. How can I stop them from bypassing the Bluecoat proxy?
Aaron Tomosky

It's a never-ending game of cat and mouse.
http://community.spiceworks.com/topic/277623-best-way-to-block-hotspot-shield-and-other-unwanted-proxy-vpn-style-software

Start by limiting DNS leaving the WAN and force your own servers. Then you can block sites. Unless you have a Meraki or some other layer 7 appliance...
btan

Also, proxy setting lockdown is enforced on managed client machines together with application control and no admin rights, even singling out the use of one specific browser only.
Use WCCP to force them through the proxy, block outgoing destination ports for the user subnets so they can't use services on non-standard ports or VPN services.
Most importantly have a policy that they are aware of that tells them they can be disciplined for such actions.
-rich
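
An added example, not part of any post in this thread: once DNS is forced to internal servers and user subnets are pushed through the proxy, the perimeter firewall log should show no user machine talking to the internet directly, so any such line is either a rule gap or a bypass attempt. The subnets, resolver address, proxy address and log format below are assumptions made up for the example.

```python
import ipaddress
import re
from collections import defaultdict

# Assumed addressing, chosen for this example only.
USER_NETS = [ipaddress.ip_network("10.20.0.0/16")]
INTERNAL = ipaddress.ip_network("10.0.0.0/8")
APPROVED_DNS = {ipaddress.ip_address("10.1.0.53")}
DNS_PORTS = {53, 853}  # plain DNS and DNS over TLS

# Constructed log lines: time action proto src:sport -> dst:dport
SAMPLE_LOG = """\
2024-05-01T09:00:01 ALLOW udp 10.20.4.17:51000 -> 10.1.0.53:53
2024-05-01T09:00:02 ALLOW tcp 10.20.4.17:51001 -> 10.1.0.80:8080
2024-05-01T09:00:05 ALLOW udp 10.20.7.9:40222 -> 8.8.8.8:53
2024-05-01T09:00:06 DENY tcp 10.20.7.9:40223 -> 203.0.113.50:443
2024-05-01T09:00:09 ALLOW tcp 10.20.9.3:40900 -> 198.51.100.7:9001
2024-05-01T09:00:11 ALLOW tcp 10.1.0.80:33000 -> 198.51.100.7:443
garbage line that should be skipped
"""

LINE = re.compile(r"^\S+ (ALLOW|DENY) (tcp|udp) ([\d.]+):\d+ -> ([\d.]+):(\d+)$")

def audit(log_text):
    """Map each user-subnet client to its direct-egress findings."""
    findings = defaultdict(set)
    for line in log_text.splitlines():
        m = LINE.match(line.strip())
        if not m:
            continue  # unparseable lines are ignored, not fatal
        action, _proto, src, dst, port = m.groups()
        src, dst, port = ipaddress.ip_address(src), ipaddress.ip_address(dst), int(port)
        if not any(src in net for net in USER_NETS):
            continue  # the proxy and servers are allowed to go out
        if port in DNS_PORTS and dst not in APPROVED_DNS:
            kind = "external-dns"
        elif dst not in INTERNAL:
            kind = "direct-egress"
        else:
            continue
        # ALLOW means the rule set has a gap; DENY means an attempt was stopped.
        findings[str(src)].add((kind, str(dst), port, action))
    return dict(findings)

if __name__ == "__main__":
    for client, items in sorted(audit(SAMPLE_LOG).items()):
        for item in sorted(items):
            print(client, *item)
```

Findings with action ALLOW point at firewall rules to tighten; repeated DENY findings from one client point at a machine worth checking for installed bypass software.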
We have disabled users from installing software in our domain. That does the trick. If Windows Group Policy is properly designed, users can only do what you want. They cannot even change the proxy IP in Internet Explorer.

Windows domain has enough power to stop users, only we never learn/implement it properly.
You can't block everything. Deal with the root issue: why are people installing something to bypass your proxy?
If your machine has the Bluecoat agent installed, you can disable the Bluecoat agent temporarily using the commands below in cmd (run as administrator) if you have admin rights.

Run cmd as administrator
Net stop bcua-wfp                  [this service may not be visible in services.msc]
taskkill /im bcua-service.exe /f

Afterwards you can see the service status as down.


To start the service:
net start bcua-wfp
net start bcua