When a user's request to access a website is blocked under Skyhigh Security Service Edge or otherwise not processed as expected, an end-user notification page is sent to the user. Using a template, you can make end-user notification pages suit your requirements.
When a user requests access to a website, this request might not lead to the expected result because it is blocked under your web policy, or the response that the requested website sent might be blocked, or still another reason might impact the transaction, for example, a connectivity issue.
An end-user notification page explains this to the user who sent the request. It consists of the following parts:
- Logo — Logo of your organization
- Name — Name of the unit or group that issues the notification, for example, IT Security.
- Message text — Text of the notification message
For example, when a request or response is blocked under your web policy, this message reads:
The content you requested is blocked by your organization's security policy.
- Reason — Reason why the request was not processed as expected
For example, when a user requested to access a web page that is blocked by an anti-malware rule of your web policy, the reason is given as follows:
Page identified as having malware, spyware, or phishing.
- URL — URL of the website that is involved, for example, the website that is blocked
- Other information — Other web-related information, for example, the IP address of a client system that a user sent a request from
- Page footer — More information, for example, about your acceptable use policy or about how to contact your system administrator, help desk or support team
Using this template, you can upload a logo, edit the name of your organization, and insert text in the footer. The text of the notification message and the reason of the notification cannot be changed here. For this, you need to work in the web policy code view.
There are several end-user notification pages, which differ in the reason that is given for showing each of them. To preview a page in its default view or after modifying it, click its name, for example, Anti-Malware, in the list on the right.
- From the Skyhigh CASB navigation bar, select Policy > Web Policy > End User Notification Pages.
- Modify page elements as needed:
- Click Company Logo and import an image file to let a logo appear in the top left corner.
- Under How do you identify your security group?, type the name of the unit or group that issues the notification, for example, Web Security Group.
- Under Acceptable use policy, type text about this policy, including contact information, or any other information you want to provide the end-user with.
You can insert variables and links in the text, for example, like this:
Rule: "$MWG.LastRule$" Hello "$MWG.Username.EscapeHTML$", this site is "$EscapeHTML(MWG.URLReputation.String(MWG.LAST_USED_config()))$" and categorized as "$EscapeHTML(MWG.UrlCategories(MWG.LAST_USED_config()).ToString())$". If you feel that the requested content has been blocked inappropriately, click here to contact your administrator.
With values for the variables retrieved, this would read as follows on the page that the end user sees:
Rule: "Global Block Lists" Hello "kevin flynn", this site is "Minimal Risk" and categorized as "Social Networking". If you feel that the requested content has been blocked inappropriately, click here to contact your administrator.
- Click Save.
You have now modified your end-user notification pages to show the style that you want your users to experience.