You can block traffic on specific ports by configuring policies. This reduces the amount of traffic that is redirected to the proxy server for filtering.
- In Skyhigh CASB, click the Settings icon.
- Select Infrastructure | Client Proxy Management.
- In the policy tree, select Configuration Policies.
- Select a policy from the policy tree.
- In the Block traffic on these configured ports if section, select the following:
- Primary proxy server is unreachable — Select this when none of the configured proxy servers can be reached, all traffic to the configured ports and default ports 80 and 443 is blocked.
- Block traffic on Configured Ports until MCP is ready — Select this to protect the endpoint while Client Proxy is starting. All traffic to the configured ports and default ports 80 and 443 is blocked from the time the user has internet access until Client Proxy exits bypass mode and starts redirecting traffic.
- Mutual Authentication with primary proxy fails — Select this to make sure that Client Proxy only redirects web requests when it can authenticate the proxy server.
- In Additional Blocks, specify additional settings to block traffic:
- Traffic is IPv6 — Select this to block IPv6 traffic.
- UDP traffic on ports 80 and 443 — Select this to block UDP traffic on default ports 80 and 443.
- Click Save.
You can publish saved changes to the cloud now or keep working and publish later.