Block

Last updated
Save as PDF

You can block traffic for specific domains, IPs, ports, and processes by configuring policies. This reduces the amount of traffic that is redirected to the proxy server or Firewall for policy enforcement.

When the default client policy is applied to a web request, the Bypass ruleset processes the request initially. If the traffic doesn't match any of the rules (Preset or custom), then the Block ruleset is executed.

If the Block ruleset is matched for a given traffic, all further rule processing stops only when there is a rule (Custom or Preset) that matches the incoming intercepted traffic.

To block a client-server:

Navigate to Policy > Skyhigh Client > Policy.
Under the policy, select Block ruleset.
The Block rules appear.
In the Preset Rules section, configure the required Block rules.
The following are the rules and their function:

Block UDP Traffic on Configured Ports. Blocks UDP traffic requests sent to the configured ports in this list.

NOTE: Configured ports other than 80 and 443 are blocked only if:
1. Cloud Firewall is enabled in the Client Profile.
2. Same ports are not configured to be bypassed in the Bypass section.

Block IPV6 Traffic. Blocks all traffic sent over IPV6 protocol.
Block Traffic When Client is Not Ready. Blocks web requests sent to the Client if it's not ready.
Block Domains. Blocks requests sent to the domains in this list.
Block Destination IPs. Blocks requests sent to the IP addresses in this list.
Block Ports. Blocks requests sent to the port in this list.
Block Processes. Blocks requests sent from the process names in this list

TIP: Configure criteria to limit the scope of this ruleset.