Skip to main content

Check out Interactive Visual Stories to gain hands-on experience with the SSE product features. Click here.

Skyhigh Security

Cloud Connector Tags

Skyhigh Cloud Connector tags are used to label firewall and proxy events processed by Cloud Connector. Tags are then displayed in Skyhigh CASB, and can be used to search for data via filters or on the Omnibar. You can also use Cloud Connector tags to create Data Jurisdictions to enforce restrictions on data accessed by Skyhigh CASB users. 

To create Cloud Connector tags for your tenant, contact Skyhigh Security Support

You can create tags against firewall/proxy events in the following ways:

  1. Add tags based on configuration/sub-configuration. Assign a tag based on the log location, assuming each log location is a separate configuration/sub-configuration, as defined by Skyhigh CASB Support for your Cloud Connector. For example:
    • Create a "London" tag for logs in the folder /home/fwlogs/london.
    • Create a "San Jose" tag for logs in the folder /home/fwlogs/sanjose.
  2. Add tags based on the source IP from the firewall/proxy logs using a CSV file.
    The CSV file need to be created within Cloud Connector's "shnlp" folder. The file name must be: sourceip_tag-map.csv
    NOTE: Source IP tags take precedence over configuration/sub-configuration-based tags.
    The tag format inside the CSV file must be: "CIDR,Name" i.e.:
        10.141.222.0/24,Corporate
        134.163.253.121/32,Guest
  3. Add tags on specific fields from the firewall/proxy logs. For example, you can configure field #33 as a tag, where it could represent the wireless network used.
    IMPORTANT: This method of adding tags shares the max limit of five Active Directory custom attributes for the tenant.

 

  • Was this article helpful?