Skip to main content

Check out Interactive Visual Stories to gain hands-on experience with the SSE product features. Click here.

Skyhigh Security

List of Criteria

  1. Last updated
  2. Save as PDF

By default, each client policy and the rules under the Bypass, Block, Web, and Network sections apply to all traffic intercepted by the Client. You can limit the scope of each ruleset by configuring the following criteria.

  • All Traffic. Applies the rule to all traffic intercepted by the Client.
  • Client IP. Specifies the IP address of the Client from which the web request originated.
  • Client Process Name. Indicates the name of the process in the client/endpoint from where the traffic originated.
  • Client Ready. Indicates the operational status of the client.
  • Connection protocol. Specifies the connection protocol. For example, HTTP, HTTPS, FTP.
  • Corporate or VPN network. Specifies if the client is on a corporate network, either directly or through a VPN.
  • Destination Domain. Specifies hostname contained in the host-header/SNI in the HTTP/HTTPS request (available in Web ruleset only). It supports StringRegular expression List, and Smart Match List value types.
  • Destination IP. Specifies the IP address of the destination being accessed on the web.
  • Destination Port. Specifies the port number of the destination being accessed on the web.
  • DNS query for Private Application. Indicates the DNS request corresponding to a Private Application (available in Bypass, Block, and Network ruleset only).
  • Domains. Lists all the associated hostnames mapped to the requested IP addresses. It supports Regular expression List and Smart Match List value types. 

NOTE: An HTTPS request targeted to drive.google.com may have Domains as gmail.google.com, photos.google.com, drive.google.com, whereas Destination Domain would result in drive.google.com

  • IP Protocol. Defines the type of IP protocol used in the traffic.
  • IP Protocol Version. Indicates the version of the IP protocol (for example, IPv4 or IPv6).
  • Private Application. Matches traffic based on whether it is directed to a Private Application.  
  • Windows OS Core Traffic. Identifies traffic generated by core Windows operating system processes.

clipboard_ec2f31d278204cc2dc314b5db9745b904.png

For example, when the Block rule set is defined with criteria Domains: google.com, only traffic destined for google.com is processed and blocked by this rule. All other traffic is forwarded and handled under the Web section.

 

  1. Back to top
  • Was this article helpful?

Recommended articles

  1. Article type
    Topic
  2. Tags
    1. TOPIC ID 842