Skip to main content

Check out Interactive Visual Stories to gain hands-on experience with the SSE product features. Click here.

Skyhigh Security

Application Coaching - Allow Coached Access to Applications

You can configure coached access to applications. When configuring this access, you select applications that are grouped as services in service groups that you have set up.

When coached access is configured for a service group, a user can access it until the limit for the session time, for example, 60 minutes, has been reached. This limit is specified as a parameter when a service group is set up.

To ensure that also HTTPS-encrypted web traffic is covered when coaching access to applications, a rule set for decrypting this traffic must be enabled and processed before. You can use the default HTTPS Decryption rule set for this purpose, which is available under HTTPS Scanning on the policy tree. 

  1. On the user interface for Secure Web Gateway, select Policy > Web Policy > Policy.
  2. On the policy tree in the navigation panel, expand HTTPS Scanning, select HTTPS Decryption, and make sure this rule set is enabled.

  3. Expand Application Control and select Application Coaching.

    The Application Coaching rule set appears in the configuration area on the right. 

  4. Configure when this rule set should apply.

    • Under Criteria, leave the default All traffic, as you want the rules in this rule set to apply to all types of web traffic.

    • Next to Applies to, leave the default Request, as you want the rules in this rule set to be processed in the request cycle of web filtering on Secure Web Gateway.


  5. Configure the rules for allowing coached access to applications that are preset in this rule set as needed. They are shown under Preset Rules in the Service Groups section. To configure these rules, you select service groups for coached access.
    • Click Add Service Groups or the + icon.


      The Service Group window opens. It provides a list of the service groups that you have set up. 

    • Select one or more service groups. Then click Done.

To enable or disable the complete rule set, use the On/Off toggles.

The filtering process will now follow what you have configured for coached access to applications.

  • Was this article helpful?