Proxy Configuration for Skyhigh Security Web Gateway
Skyhigh Security Web Gateway (version 7.4 and higher) proxies provide support for retrieving a custom category list of URLs into a local database via HTTP. This section describes the steps required to implement an integration with a Skyhigh CASB Custom Category URL.
- Login to the Skyhigh Security Web Gateway, and select Policy > Lists.
- Select add +.
- Enter a name for the list, for example, Skyhigh Cloud Connector.
- Activate List content is managed remotely.
- Select Customer Maintained List.
- Click Setup.
- Configure the settings for the list content:
- URL to download
- For Legacy Workflow: Set this to the Cloud Connector URL, visible in the Cloud Connector user interface, http://<enterprise-connector-hostname>:8443/ or http://<enterprise-connector-ip>:8443/custom
- For Revised Workflow (New Skyhigh CASB version 4.2.0.1 or above): From the Firewall Proxy Integration page in the Skyhigh CASB dashboard, use the URL as published.
- List content update. Daily at 12:00 am.
- Leave the rest of the fields in the default settings.
- URL to download
- Click OK to close the window.
- Click OK again.
- Expand the Subscribed list to confirm that the Skyhigh Cloud Connector list now displays in the list.
- Click the Rules tab, highlight the HTTP or port 80 traffic rule, and edit it.
- In the Add Criteria dialog, for Property select URL.SmartMatch(list of string) and for Operator select equals. Then select the list you added in Step 3 as Parameters, for example, Skyhigh Cloud Connector.
- On the Action tab, select Redirect to go to your coaching splash page, for example, http://internalnotice.company.com/policy.html.
- Click OK.
This should now redirect all URLs that were sent to Cloud Connector from the Skyhigh CASB dashboard.