Web
The Web section of the Skyhigh Client Policy includes rules to forward web traffic to Private Access and internet access destinations via respective gateways.
When the Client intercepts web traffic, it follows a specific evaluation hierarchy.
- First, it checks the Bypass and Block sections. If a rule is triggered, the action is executed immediately: Bypass allows direct transmission, whereas Block stops the connection at the endpoint.
- If no rules are triggered, the Web section is evaluated to determine where to forward the traffic.
- Finally, any traffic that does not match a Web rule is handled according to the default action configured by the admin.
NOTE: The criterion Destination Domain is available only in Web ruleset, whereas Domains, is available in all rulesets (Bypass, Block, Web, and Network).
To configure a Web ruleset:
- Navigate to Policy > Skyhigh Client > Policy.
- Under the policy, select Web ruleset.
The Web rules appear.
- In the Preset Rules section, configure the required rules.
The following are the Preset Rules and their function:- Block Traffic if Gateway is Unreachable. Blocks traffic if the Gateway is Unreachable.
- Forward Private Access Traffic to a Gateway. Forwards private access traffic to a default gateway.
- Forward Internet Bound Web Traffic to a Gateway. Forwards Internet-bound web traffic to a default gateway
TIP: Configure criteria to limit the scope of this ruleset.