Sauce Connect Proxy establishes a secure connection between applications hosted on an internal server and the Sauce Labs virtual machines or real devices that are used for testing.
Data transmitted by Sauce Connect Proxy is encrypted through the TLS protocol, which uses perfect forward secrecy for maximum security. Sauce Connect Proxy also uses a caching web proxy to minimize data transfer. You can disable this with the command-line option
Running Sauce Connect in a Demilitarized Zone (DMZ)
Within your infrastructure, Sauce Connect Proxy must be able to reach the application or server you want to test via your network, but can and should be firewalled from the rest of your internal network.
We recommend running Sauce Connect Proxy in a firewalled DMZ on a dedicated machine and setting up firewall rules to restrict access from that DMZ to your internal network. Use caution when locating and configuring Sauce Connect in a DMZ.
For more information, see the Wikipedia entry on DMZ configurations and What Not to Do: Common Mistakes in Sauce Connect Proxy Network Configurations.