You can run Web Gateway together with Skyhigh Security Service Edge to filter web traffic in a Hybrid solution.
This allows you to keep the web policy that you have set up on a Web Gateway appliance for users who work in your organization on-prem. This policy is synchronized with the one that you have set up under Skyhigh Security Service Edge for users who work with cloud services.
You can also select one of the two policies as default and still filter web traffic originating from some users, user groups, and locations under the other policy. The option to select a policy as default and configure exceptions is available under Skyhigh Security Service Edge.
On Web Gateway, you need to complete the following activities to enable a Hybrid solution:
- Provide the credentials that Web Gateway submits for authentication when connecting to Skyhigh Security Service Edge
Authentication follows the process that is enabled by the Client Proxy connectivity product, which is implemented under Skyhigh Security Service Edge.
- Set up a secure next-hop proxy to ensure traffic that goes from Web Gateway to Skyhigh Security Service Edge is secure.
- Enable the download of synchronized lists with user names, user groups, and other web objects fromSkyhigh Security Service Edge to Web Gateway and download them from there
You can also review traces and log files on Web Gateway to troubleshoot issues with this solution. In addition to this, incident messages make you aware of issues with list synchronization.