Skip to main content

Check out Interactive Visual Stories to gain hands-on experience with the SSE product features. Click here.

Skyhigh Security

Onboard a User to the Skyhigh Client

  1. Last updated
  2. Save as PDF

Onboarding users to the new Skyhigh Client (SC) helps configure and deploy the latest policies, facilitating seamless integration. This ensures that the users operate with the most up-to-date policy frameworks and security protocols.

Prerequisite

  • Skyhigh Client 5.0.0.x
     

To onboard a user to the Skyhigh Client, go to Policy > Skyhigh Client > Policy.

NOTE: On the Skyhigh Client page, the Start From Scratch option is selected by default.

clipboard_eefb5900b144374640de9e5e785a524bd.png

The setup of the Skyhigh Client comprises two steps: 

  1. Create a New Skyhigh Client Policy and Download the Client Bundle
  2. Apply Policy to the New Skyhigh Client

To create a new Skyhigh Client policy and download the Client Bundle:

  1. On the Skyhigh Client page, click Get Started.
  2. On the Skyhigh Client Policy and Configuration window, perform the following configurations:
    1. Tenant Authentication
      Skyhigh Client uses the tenant credentials to communicate securely with the Skyhigh SSE. Credentials consist of a Customer ID and a Shared Secret.
      In the Enter Tenant Credentials section, enter the following:
      1. Customer ID. The customer ID is auto-populated.
      2. Shared Secret. Enter the shared secret. The shared secret is the password that secures communication between the Skyhigh Client and the Skyhigh SSE. 

NOTE: 

  • The Shared Secret field is greyed out for a user with an existing SCP policy.
  • Skyhigh Client provides one Shared Secret per tenant; updating the Shared Secret will also reflect the changes for the 4.x Client.
  1. Confirm Shared Secret. Re-enter the shared secret.
  2. Click Next.

    clipboard_ed1a69874005edec3dd6951932c04fad9.png

 

  1. Gateway

    Gateways are crucial as they serve as exit points for directing web, non-web, and private application traffic from endpoints to appropriate destinations.
    The Gateway section in Client UI enables you to define a list of Skyhigh Secure Web Gateways present on-premises or on the cloud. Gateways for Cloud Firewall are determined internally by Skyhigh Client.

    In the Gateway section, enter the following:
    1. Gateway Name. Enter a name for the gateway.
    2. Hostname / IP Address. The Hostname or IP Address includes the Hostname/IP Address and Port Number of the gateway. The default gateway information that connects to Skyhigh SSE is auto-populated.
    3. (Optional) Click Add Host to add an additional host.
    4. Selection Method. Provides flexibility to choose how to prioritize and select hosts for managing outgoing traffic. There are two available methods: First Available and Fastest Response Time.
      • First Available. Connects to the first accessible host from the list of configured hosts. Additionally, this helps to select a specific host from the list of configured hosts to transport the traffic from the endpoints.
      • Fastest Response Time. Connects to the host that has the fastest response time in the list of configured hosts.
      • Automatic Switch Over. The software checks the host list at the specified interval. If an active host with quick response is available from the configured list, the software automatically switches to it. This option is available only when connected via the First Available host selection method.
    5. Click Next.

      clipboard_e052d51a476f81d5b612b4b43ff3bab7b.png

  2. Policy

    The Policy settings enable you to define a name for the default Skyhigh Client Policy. Policy will have a preset collection of rules that enable traffic redirection from endpoints using a default client profile.

    In the Enter Default Policy Name section, enter the following:

    1. Policy Name. Enter the policy name.

NOTE:  By default, the policy name is set to Default Policy and mapped to the default Client profile.

  1. Click Publish & Next.

clipboard_e0cbaa035773c1a5675cfafe96ccb40fc.png

  1. Download Skyhigh Client

    1. After completing Tenant Authentication, Gateway Setup, and Policy Configuration, click Download Skyhigh Client.
    2. Under the Publish Policy & Download Client Bundle section, select an applicable operating system.
    3. Click Publish and Download.

clipboard_e07343eeddf65fa58d50333dab4bc6e90.png

The Skyhigh Client Bundle is downloaded. A Client Bundle is a compressed archive containing a Skyhigh Client policy and Skyhigh installer for a specific operating system. 

  1. On the Download Skyhigh Client Bundle window, in the What you can do next section, perform the steps to install, run, and view the Skyhigh Client application.
  2. Click Done.

    clipboard_e8657b56d1b6229f4195b024ef54a05f7.png

You are successfully onboarded. The new policy appears under the policy tree of the SC Policy dashboard. You must configure the new policy to suit your requirements by referring to the Configure the Skyhigh Client Policy section.

Apply Policy to the New Skyhigh Client

The downloaded Skyhigh Client Bundle contains the new Skyhigh Client policy (OPG file) and the Client installer. Deploy them to the endpoints using applicable deployment methods.

  1. Back to top
  • Was this article helpful?

Recommended articles

  1. Article type
    Topic
  2. Tags
    1. TOPIC ID 888
    2. TOPIC ID 890