Conventional web and Domain Name System (DNS) cloud based network security solutions have problems associated with traffic forwarding, user authentication, device validation, and application identification on mobile operating systems. In the past, a majority of the web traffic was generated by browser based applications that were compliant with Hypertext Transfer Protocol (HTTP) protocol standards in its entirety. With the proliferation of mobile applications (“apps”), traffic-forwarding mechanisms have faced numerous challenges. Mobile apps are purposely built to talk to dedicated servers using mechanisms that may not be proxy friendly, may not handle HTTP redirections or may not support authentication cookies. Traditional browser based web transactions have a user agent as a source identifier, but not all mobile apps support unique user agents. Similarly, a DNS request does not have any application or user authentication information. Solutions other than proxy, such as those that incorporate Secure Sockets Layer (SSL) or Internet Protocol Security (IPsec) Virtual Private Network (VPN) as a traffic forwarding mechanism, can handle authentication for all traffic, but lack the scalability and computational efficiency as afforded by proxy based solutions. Further, conventional approaches do not provide a way for secure web gateways to identify a source application package and lack the capacity to enforce application specific organizational policies, such as blocking social networking apps. Additionally, conventional traffic forwarding solutions do not offer a way to locally apply device specific policies, like bandwidth control, that is beneficial to apply locally as request bytes going to cloud would cumulate from all devices. The conventional solutions also often lack the scalability and the ability required for supporting BYOD (bring your own device) model wherein only partial or containerized traffic is forwarded to a secure web gateway. Lastly, conventional methods do not offer the capacity to generate security notifications in case of locally defined device level policy violations and need re-routing to operating system specific push notification services.