Skip to main content

Check out Interactive Visual Stories to gain hands-on experience with the SSE product features. Click here.

Skyhigh Security

Network

  1. Last updated
  2. Save as PDF

The Network section of the Skyhigh Client Policy includes rules to forward Layer 3/IP traffic to Private Access and internet access destinations via respective gateways. The transmission is done over a WireGuard tunnel setup between Skyhigh Client and the SSE Cloud.

When the Client intercepts IP traffic, it follows a specific evaluation hierarchy:

  1.  First, it checks the Bypass and Block sections. If a rule is triggered, the action is executed immediately: Bypass allows direct transmission, whereas Block stops the IP traffic at the endpoint.
  2.  If no rules are triggered, the Network section is evaluated to determine where to forward the traffic.
  3.  Finally, any traffic that does not match a Network rule is handled according to the default action configured by the admin.

To configure a Network ruleset:

  1. Navigate to Policy > Skyhigh Client > Policy.
  2. Under the policy, select Network ruleset.
    The Network rules appear.

    clipboard_e5b0d328dc354724a72f642a7b4c37103.png
  3. In the Preset Rules section, configure the required rules.
     The following are the Preset Rules and their function:
    • Forward Private Access Traffic to Cloud Firewall. Forwards Private Access traffic to the Cloud Firewall.
    • Forward Internet Bound Web Traffic to Cloud Firewall. Forwards internet-bound web traffic to the Cloud Firewall 

TIP: Configure criteria to limit the scope of this ruleset.

  1. Back to top
  • Was this article helpful?

Recommended articles

  1. Article type
    Topic
  2. Tags
    This page has no tags.