Skip to main content

Check out Interactive Visual Stories to gain hands-on experience with the SSE product features. Click here.

Skyhigh Security

Key Features

  1. Last updated
  2. Save as PDF

The Skyhigh Client Proxy Client Proxy is a unified client that works with Skyhigh's security solutions, including Secure Web Gateway (both On-prem and Cloud), Skyhigh Private Access, and Cloud Firewall. It is responsible for steering traffic from the end-users to the Skyhigh SSE Network based on the policies that you configure.

Key Capabilities Include:

  • Traffic redirection — The software redirects web traffic to proxy servers for filtering according to the settings in the Client Proxy policy. Once the Client Proxy policy is applied, it starts redirecting the traffic even if no user logs in.
  • Location awareness — Location-awareness settings allow one policy to cover users working inside the network, outside the network, or connected to the network by VPN.
  • Centralized management — The software is managed with Trellix ePO SaaS, Trellix ePO Cloud, or Trellix ePO.
  • Browser independence — Proxy server settings are configured in Client Proxy instead of in the browsers running on the endpoints.
  • Transparent authentication — Client Proxy authenticates users without prompting for credentials and passes group membership and other information in metadata that it adds to HTTP/HTTPS requests.
  • Tamper resistance — Users are not allowed to remove Client Proxy software from the endpoint without requesting and receiving a temporary release code from an administrator.
  • Secure Channel — The software establishes a secure communication channel between Client Proxy and Skyhigh Security WGCS for all HTTP/HTTPS requests. This is applicable only for cloud proxies.

  • Antivirus — The Skyhigh Client Proxy works seamlessly with the Trellix Antivirus installed on the end user’s device. When SCP is deployed on the endpoint, it triggers the Trellix Agent to install the Endpoint Security software, which is essentially the Antivirus software. Together, the Skyhigh Client Proxy and the endpoint antivirus software provide comprehensive protection for the end user's device.

  • Data Leak Prevention (DLP) — SSE solution, featuring a Secure Web Gateway, safeguards sensitive data by scanning all web traffic for DLP violations. This can be achieved through flexible deployment options: agent-based or via PAC file mechanisms. 

    The Client Proxy facilitates the application of DLP policies and performs DLP scanning on web proxy traffic. It intercepts web traffic, which is then scanned according to the defined DLP policies.

  • Sandboxing — The Skyhigh Client Proxy along with the SWG enables the customers to use the Advanced Threat Protection Sandboxing Engine and perform additional scanning on the web traffic. This Sandboxing engine helps users monitor user & administrator activity in the cloud, discover risks to sensitive data & infrastructure from inside threats, identify compromised accounts & risky users. This functionality is applicable for both On-prem and Cloud users.

  • Wireguard Tunnel Capabilities: The Skyhigh Client Proxy also has capabilities to create an end-to-end Wireguard Tunnel that helps in the transmission of UDP protocol traffic. This is applicable to Skyhigh Cloud Firewall and also traffic for Private Applications that use UDP protocol.

     

  1. Back to top
  • Was this article helpful?

Recommended articles

  1. Article type
    Topic
  2. Tags
    1. McAfee ePO
    2. MVISION ePO
    3. WGCS