Skip to main content

Check out Interactive Visual Stories to gain hands-on experience with the SSE product features. Click here.

Skyhigh Security

Search

Searching in
About 37 results
  • About Enterprise DLP
    https://success.skyhighsecurity.com/Skyhigh_Data_Loss_Prevention/Policy_Settings/Enterprise_DLP/About_Enterprise_DLP
    Enterprise Data Loss Prevention (DLP) integrates Skyhigh Security Cloud with any on-premises DLP solution that supports the ICAP protocol. Skyhigh Security Cloud scans new files and messages in the se...Enterprise Data Loss Prevention (DLP) integrates Skyhigh Security Cloud with any on-premises DLP solution that supports the ICAP protocol. Skyhigh Security Cloud scans new files and messages in the service provider per the configured DLP policy. For files that violate the DLP policy, Skyhigh CASB can enforce response actions in the service, such as quarantining the file and leaving a "tombstone" file as a message in its place.
  • Configuring TACACS Authentication
    https://success.skyhighsecurity.com/Skyhigh_CASB/Skyhigh_CASB_Settings/On-Prem_Proxy/Configuring_TACACS__Authentication
    Authentication to the local Admin App running on the Skyhigh CASB on-prem proxy can be configured to use the TACACS+ protocol in combination with an external TACACS+ server to authenticate and authori...Authentication to the local Admin App running on the Skyhigh CASB on-prem proxy can be configured to use the TACACS+ protocol in combination with an external TACACS+ server to authenticate and authorize access to the local Admin App. The "remote address" will be set to the IP address of the connecting client's machines (the IP of the machine from the admin is accessing the admin app)
  • Which Install Do you Need?
    https://success.skyhighsecurity.com/Skyhigh_Secure_Web_Gateway_(Cloud)/Skyhigh_Client_Proxy/Installation_Guide/01_Installation_Overview/02_Which_Install_Do_you_Need%3F
    The type of installation depends on whether you are managing Client Proxy with Trellix ePO or Trellix ePO Cloud, and whether your client computers are managed or standalone. When Client Proxy is manag...The type of installation depends on whether you are managing Client Proxy with Trellix ePO or Trellix ePO Cloud, and whether your client computers are managed or standalone. When Client Proxy is managed with Trellix ePO Cloud or Trellix ePO, there is no extension software to install. The client software can be installed as an application on your client computers or deployed from the Trellix ePO, Trellix ePO Cloud, or Trellix ePO management platform.
  • About Skyhigh Mobile Cloud Security
    https://success.skyhighsecurity.com/Skyhigh_Secure_Web_Gateway_(Cloud)/Secure_Web_Gateway_Setup/Skyhigh_Mobile_Cloud_Security_(SMCS)/About_Skyhigh_Mobile_Cloud_Security
    The Skyhigh Mobile Cloud Security (SMCS) allows you to extend protection to mobile devices using Skyhigh Web Security Gateway Service (WGCS), based on Cloud Application Control policies. Secure Web Ga...The Skyhigh Mobile Cloud Security (SMCS) allows you to extend protection to mobile devices using Skyhigh Web Security Gateway Service (WGCS), based on Cloud Application Control policies. Secure Web Gateway (Skyhigh WGCS) — Filters web traffic under HTTP and HTTPS to protect mobile devices operated by users of your organization according to the web policy that you have configured. Skyhigh Security Cloud (Skyhigh Security Cloud SSE)— Provides the user interface for Secure Web Gateway.
  • How the Skyhigh Security Service Edge Components Work Together
    https://success.skyhighsecurity.com/Start_Here_with_Skyhigh_Security/Skyhigh_Security_Service_Edge/How_the_Skyhigh_Security_Service_Edge_Components_Work_Together
    Security Service Edge (SSE) uses a reverse proxy to connect to those applications that do not have a direct API, and routes traffic from the cloud service to the CASB proxy to protect your organizatio...Security Service Edge (SSE) uses a reverse proxy to connect to those applications that do not have a direct API, and routes traffic from the cloud service to the CASB proxy to protect your organization’s sensitive information when it moves in and out of the cloud.
  • How Skyhigh Private Access Works
    https://success.skyhighsecurity.com/Skyhigh_Private_Access/Overview_of_Private_Access/How_Skyhigh_Private_Access_Works
    Skyhigh Private Access uses a variety of technologies to manage and control access to private applications, as shown in the following graphic: Skyhigh SSE — This is the Policy Enforcement Point, where...Skyhigh Private Access uses a variety of technologies to manage and control access to private applications, as shown in the following graphic: Skyhigh SSE — This is the Policy Enforcement Point, where it enforces the private access policy on the traffic forwarded by Client Proxy. It also updates the status of the private application to the Private Access Gateway.
  • About CSPM for AWS
    https://success.skyhighsecurity.com/Skyhigh_Cloud_Infrastructure_(CNAPP)/CSPM/CSPM_for_AWS/About_CSPM_for_AWS
    Skyhigh CASB for AWS extends Skyhigh CASB features to monitor, secure, and audit AWS environments for threat protection, anomaly detection, configuration audit, and forensic audit logs. AWS security s...Skyhigh CASB for AWS extends Skyhigh CASB features to monitor, secure, and audit AWS environments for threat protection, anomaly detection, configuration audit, and forensic audit logs. AWS security services like Amazon GuardDuty, Amazon Macie, and AWS Security Hub can be used to identify potential security issues, or findings but sometimes there might be a security finding where you need to dig a lot deeper and analyze more information to isolate the root cause and take action.
  • About Gmail Inline DLP
    https://success.skyhighsecurity.com/Skyhigh_CASB/06_Skyhigh_CASB_Sanctioned_Applications/01_Skyhigh_CASB_Native_Sanctioned_Apps/Skyhigh_CASB_Inline_DLP_for_Gmail/About_Gmail_Inline_DLP
    If the DLP inspection or policy evaluation is not finished within 55 seconds, Skyhigh CASB Gateway SMTP server uses the fail open process which relays the email back to Gmail without waiting for the p...If the DLP inspection or policy evaluation is not finished within 55 seconds, Skyhigh CASB Gateway SMTP server uses the fail open process which relays the email back to Gmail without waiting for the policy evaluation to finish. The Skyhigh CASB Gateway SMTP server proxies the connection from the Gmail server (2), performs DLP inspection, and proxies back the connection to the Gmail server (4).
  • Deployment Model Best Practices
    https://success.skyhighsecurity.com/Skyhigh_CASB/02_Skyhigh_CASB_Architecture/Sanctioned_IT/Deployment_Model_Best_Practices
    Managed Devices to Sanctioned SaaS – Since corporate data is permitted to exist on both the sanctioned SaaS and the managed endpoint, there is no need to intercept communications between them. Once au...Managed Devices to Sanctioned SaaS – Since corporate data is permitted to exist on both the sanctioned SaaS and the managed endpoint, there is no need to intercept communications between them. Once authenticated to the cloud service, the Reverse Proxy will redirect the client to connect to the SaaS directly. Managed Devices to Unsanctioned SaaS – Here, corporate data is allowed on the managed devices, but not in the unsanctioned SaaS.
  • About the Transparent Bridge Mode
    https://success.skyhighsecurity.com/Skyhigh_Secure_Web_Gateway_(On-Prem)/Secure_Web_Gateway_Product_Guide/Proxies/Transparent_Bridge_Mode/About_the_Transparent_Bridge_Mode
    The Transparent Bridge mode is one of the transparent network modes you can configure for the proxy functions of a Secure Web Gateway appliance if you do not want to use an explicit (direct) mode. For...The Transparent Bridge mode is one of the transparent network modes you can configure for the proxy functions of a Secure Web Gateway appliance if you do not want to use an explicit (direct) mode. For the high-level steps that are needed to configure this mode, see Configure the Transparent Bridge Mode. The following diagram shows a Transparent Bridge mode configuration with a Secure Web Gateway appliance placed between a firewall and a router.
  • Nodes in a Central Management Cluster
    https://success.skyhighsecurity.com/Skyhigh_Secure_Web_Gateway_(On-Prem)/Secure_Web_Gateway_Product_Guide/Central_Management/Nodes_in_a_Central_Management_Cluster/Nodes_in_a_Central_Management_Cluster
    When a node is a member of different node groups, for example, of groups A and B, it is possible to transfer data through that node from other nodes in group A that are not members of group B to nodes...When a node is a member of different node groups, for example, of groups A and B, it is possible to transfer data through that node from other nodes in group A that are not members of group B to nodes in group B that are not members of group A. To include an appliance, you can work on the user interface of another appliance that is already a cluster node or on the user interface of the appliance you want to include.