Skip to main content

Check out Interactive Visual Stories to gain hands-on experience with the SSE product features. Click here.

Skyhigh Security

Overview of Default Rule Sets — Old View

You can view and access the rule sets of your web policy on the Web Policy page of the user interface for Secure Web Gateway.

In the navigation panel of this page, they are shown on what is known as the policy browser or policy treeWithin this tree structure, they are grouped in branches. 

The following table lists and explains the rule sets that are available by default after the initial setup. They are listed with their branches in the order they appear on the policy tree.

Branch Short description, rule set or sets, and more information
SAML Authentication Authenticates users under the SAML authentication method.
  • SAML Authentication

    Allows you to enable the SAML authentication method as part of your web policy and to configure exceptions.

    For more information, see SAML Authentication.
Global Block Blocks requests for web access globally.
  • Global Block Lists

    Allows you to set up lists with web objects that are blocked globally and to configure exceptions.

    For more information, see Global Block Lists.
Global Bypass Lets requests for web access bypass filtering globally.
  • Global Bypass Lists

    Allows you to set up lists with web objects that will bypass all filtering when a user requests access to any of them.

    For more information, see Global Bypass Lists.

    Update Server Bypass

    Allows you to let traffic with information retrieved from trusted update servers bypass filtering.

    For more information, see Update Server Bypass.

  • Office 365 Bypass

    Allows you to let traffic with information retrieved from the Microsoft Office 365 program suite bypass filtering.

    For more information, see Office 365 Bypass.

HTTPS Scanning Inspects web traffic going on over secure connections.
  • HTTPS Connection Options

    Allows you to configure options for setting up HTTPS connections.

    For more information, see HTTP Connection Options

  • Certificate Verification

    Allows you to add certificates of your own and configure how to handle missing or revoked certificates.

    For more information, see Certificate Verification.

  • HTTPS Decryption

    Allows you to configure how HTTPS traffic is decrypted and inspected.

    For more information, see HTTPS Decryption

Content Inspection Inspects data that is uploaded or downloaded.
  •  Archive and Transfer

    Allows you to configure inspection for uploads and downloads and control the transfer of data to archives.

    For more information, see Archive and Transfer.
Common Rules Support the filtering process.
  • Add Additional Header

    Allows you to add a header to a request before it is forwarded to its destination. Several types of headers can be added.

    For more information, see Add Additional Header

  • HTTP Method Blocking

    Allows you to block HTTP traffic depending on the method, for example, POST or GET, used in a request.

    For more information, see HTTP Method Blocking

  • HTTP Protocol

    Allows you to modify HTTP traffic, for example, by adding or removing a request header.

    For more information, see HTTP Protocol.

  • Download Progress

    Allows you to choose data trickling or use of a progress page when a web object is download. You can also configure exceptions.

    For more information, see Download Progress.

  • Next Hop Proxy

    Allows you to forward web traffic to a next-hop proxy server for filtering.

    For more information, see Next Hop Proxy.

  • WebSocket Control

    Allows you to enable WebSocket traffic globally or selectively.

    For more information, see WebSocket Control.

  • SafeSearch

    Allows you to enable SafeSearch in strict or moderate mode. 

    For more information, see SafeSearch

Web Filtering Blocks access to websites.
  • Category, Reputation & Geo

    Allows you to block access to websites based on URL categories, reputation scores, and geographical locations.

    For more information, see Category, Reputation, and Geo.
Application Control Blocks access to applications.
  • Application Blocking

    Allows you to configure blocking access to applications.

    For more information, see Application Blocking.
  • ​​​Tenant Restriction

    Allows you to block access to application for individual tenants.

    For more information, see Tenant Restriction.
  • Activity Control

    Allows you to block activities relating to applications, including logon, uploads, and downloads.

    For more information, see Activity Control

  • Application Coaching

    Allows you to configure coached access to applications.

    For more information, see Application Coaching.
  • YouTube Control

    Allows you control YouTube traffic.

    For more information, see YouTube Control.

Media Type Blocks media types.
  • Media Type

    Allows you to block uploads and downloads of media types that you enter in lists.

    For more information, see Media Type.
Data Protection (DLP) Protects sensitive data.
  • Web DLP

    Allows you to configure Data Loss Prevention (DLP) as part of your web policy.
Threat Protection Blocks malware.
  • Anti-Malware

    Allows you to have web traffic scanned for malware infections and blocked depending on the scanning result. You can configure exceptions.

    For more information, see Anti-Malware.

 

  • Was this article helpful?