Skip to main content

Check out Interactive Visual Stories to gain hands-on experience with the SSE product features. Click here.

Skyhigh Security

About Configuring a Web Policy

The rules of your web policy ensure web security for your organization. They provide protection against threats that might arise when users of your organization who work with cloud services access the web, for example, when they browse websites or download files.

You can configure settings for individual rules and for groups of rules, which are known as rule sets, to implement a web policy that meets your requirements. You can also create your own rules and rule sets. 

Many rules rely on lists, for example, a rule that blocks web access for particular users relies on a list of usernames, which you can configure. You can also configure settings for other components that rules rely on, for example, for the scanning engines that scan files to find out about virus infections.

When a user's access to the web is impacted by the action of a rule, for example, when a rule blocks a file that a user wants to download from the web, a notification is sent to the user's browser, which you can also configure.

So, when configuring your web policy, you will mainly be working with the following configuration items.

  • Lists — You can fill entries in the lists that rules rely on or remove list entries and also create your own lists.

    You can go to the Web Policy page and deal with list handling as part of working with rules and rules sets. Lists are themselves listed in a list catalog. You can also go to the List Catalog page to select lists from this catalog and work with them.

    For more information, see About Working with Lists.
  • Feature settings — These settings are referred to as Feature Configurations on the user interface. A Feature Configuration includes settings for a feature under Secure Web Gateway, which is a component that handles a particular task to support rules.

    For example, there is a feature that handles the use of the scanning engines. Another feature handles the retrieval of URL categories and reputation scores from the Global Threat Intelligence (GTI) service. 

    On the Web Policy page, you can configure Feature Configurations for particular rules and rule sets. You can also go to the Feature Config page, where Feature Configurations are listed, to work with them.

    For more information, see About Working with Feature Configurations

  • Notifications for end users — You can configure the notifications that are sent to a user's browser when web access is impacted for a user by the action of a rule. The pages with these notifications are referred to as End User Notification Pages.

    On the End User Notification Pages page, you can work with templates for these pages. You can clone the default templates that are available and modify them and also create your own templates.

    For more information, see About Working with End User Notification Pages.

For more information about the Web Policy page, see Web Policy Page.

This page also provides options for viewing the code that underlies the rules of your web policy and for working with it. For more information, see About the Web Policy Code.

For a workflow with high-level steps for configuring a web policy, see Workflow for Configuring a Web Policy — Overview.

  • Was this article helpful?