Skip to main content

Check out Interactive Visual Stories to gain hands-on experience with the SSE product features. Click here.

Skyhigh Security

Server Sizing Requirements

The Skyhigh CASB On-prem Proxy solution can be hosted in a customer environment in cases where the crypto boundary needs to be within the customer premise or the application being protected is hosted in a private datacenter. The on-prem proxy is packaged as an OVF virtual appliance that is available for download from  

Server Configuration

CPU Virtual Cores



Minimum 12 Cores 16GB 60GB
Recommended 16 Cores 32GB 100GB

Hypervisor Requirements

The Skyhigh CASB on-prem proxy can be hosted on VMware ESX/ESXi 4.0 or later. 

Scaling and Load Balancing Requirements

The Skyhigh CASB on-prem proxy is designed to be stateless and can be scaled out horizontally behind a third-party load balancer. Be sure to configure the load balancer to perform L4 load balancing only (no SSL termination) with a least connections or round robin load balancing algorithm. 

Firewall and Proxy Requirements

The Skyhigh CASB use the following ports and connection types. External firewalls and proxies must be configured to allow traffic to flow in and out of the proxy. The Skyhigh CASB proxy can be placed behind or in front of an internet proxy.  The Skyhigh CASB proxy requires a minimum of two IP addresses: one for data traffic and one for local management.


  • The data path will process traffic on ports: 80, 443 and 25. Port 25 is only required for applications that require SMTP Proxy.
  • Management traffic defaults to port 5696.
  • All traffic is TCP 


  • Was this article helpful?