Skip to main content

Check out Interactive Visual Stories to gain hands-on experience with the SSE product features. Click here.

Skyhigh Security

HTTPS Connection Options

Work with a rule set that allows web requests sent to the some domains, hosts, WebEx servers, or Citrix servers to bypass HTTPS scanning and go directly to the Internet.

When these rules are applied to a web request and the request is allowed, all further rule processing stops.

From this rule set, you can open and configure the HTTPS Connection and Certificate Verification Options features.

  1. On the user interface for Secure Web Gateway, select Policy > Web Policy > Policy.
  2. From the policy tree, select HTTPS Scanning > HTTPS Connection Options.
  3. Optionally configure criteria to limit the scope of this rule set.
  4. Select the HTTPS connection rules that you want to enable. When selected, these rules will work as follows.
    • Do not HTTPS Scan these domains or hosts — Allows web requests sent to the domains or hosts in this list to bypass filtering.
    • Do not HTTPS Scan WebEx Servers — Allows web requests sent to the WebEx server IP ranges in this list to bypass filtering.
    • Do not HTTPS Scan Citrix Servers — Allows web requests sent to the Citrix server IP ranges in this list to bypass filtering.

      Traffic sent to WebEx and Citrix servers is preconfigured to bypass HTTPS scanning because it cannot be scanned as web traffic. These settings cannot be changed.
       
  5. Configure the lists associated with the rules as needed.

Changes to the policy tree, rule sets, or rules are automatically saved. You can publish them to the cloud now or keep working and publish later.

  • Was this article helpful?