Skip to main content

Check out Interactive Visual Stories to gain hands-on experience with the SSE product features. Click here.

Skyhigh Security

Create a Rule Set with the Rule Builder

You can create a rule set of your own by specifying values for each of the elements that are included in a rule set.

  1. On the user interface for Secure Web Gateway, select Policy > Web Policy > Policy.

  2. On the Web Policy page, choose the position on the policy tree where you want to create the rule set. Then select options accordingly.

    • As a parent rule set

      A parent rule set is a rule set in top-level position on the policy tree. For example, the default Global Block rule set is a parent rule set. The Global Block Lists rule set below it is referred to as child rule set.


      To create a new rule set as a parent rule set, select Getting Started on the policy tree, then click New Ruleset in the top right corner. From the menu that opens, select Custom ruleset.


    • As a child rule set

      To create a new rule set as a child rule set, select a parent rule set, then click the three dots at the end of the line for this rule set. Under Add New Ruleset in the menu that opens, select Custom.


  3. Work with the options for configuring the elements of the new rule set that appear.

    Configure, for example, a rule set that applies to all the requests for web access among the traffic that is directed to Secure Web Gateway. Leave further processing of this traffic to the individual rules that you will still include in the rule set.


    1. In the Ruleset Name field, type a name for the new rule set. This name should reflect the processing that the individual rules in the rule set will perform.

      For example, type   Block URL Categories.
    2. Click Select Criteria, and from the list in the window that opens, select the criteria for the new rule set. To view short descriptions of the criteria, make sure Show Description is selected at the top of the window.

      Select All traffic, as you want the rule set to apply to the requests for web access among all the traffic that is directed to Secure Web Gateway. Then click Add.

    3. If you select All traffic as the criteria, no operator or value is needed.

      For more information about how to configure the elements of a rule or rule set, see Create a Rule with the Rule Builder.

      Click All next to Applies to on the right to configure the rule set to apply only to requests for web access among the traffic that is directed to Secure Web Gateway.

    4. From the menu that opens, select Request and deselect Response and Embedded Objects. Then click OK.

    5. To enable the new rule set, use the toggle switch on the right. If it shows a green field, the rule set is enabled. A gray field means it is disabled. Click the toggle switch to switch from one state to another. 


      If a rule set that you disable is a parent rule set, its child rule sets are disabled together with it.

      For example, if you disable the Threat Protection parent rule set, the Anti-Malware child rule set is also disabled. 

      This is again indicated by the color of the toggle switch fields. For the parent rule set, the toggle switch shows a gray field. For the child rule set, a field with a faint green color is shown if it was enabled before. You cannot use the toggle switch of this rule set then.


      If the child rule set was not enabled before, a field with a very faint gray color is shown for it after disabling its parent rule set. You cannot use the toggle switch of the child rule set then.

You have now created a new rule set with the elements that you configured. Next thing to do is filling rules into it. For information about how to do this, see Create a Rule with the Rule builder.

The addition of this new rule set to your web policy will take effect after you have saved what you configured using the Publish option.

  • Was this article helpful?