SWG Subscribed List Integration

Create Subscribed List

Back on your Skyhigh SWG lab appliance, create a new subscribed list to retrieve the “Anonymous Data Upload Services” service group from the Skyhigh Cloud Connector. The URL for accessing the Cloud Connector web server is: https://s3.us-west-2.amazonaws.com/resources.skyhighlabs.net/hybrid_lab_files/cc_anonymous_data_upload_list.txt

  1. From Policy > Lists menu, click on (+) to create a new list

CASB SWG List 1 CASB SWG List 1

  1. Enable and setup remotely managed customer-maintained list.

CASB SWG List 2 CASB SWG List 2

  1. Enter the URL for the list on the Cloud Connector. You can keep all other default settings. Complete the setup with OK.

CASB SWG List 3 CASB SWG List 3

Once the subscribed list is configured successfully, the SWG will access the URL and download its content from the Cloud Connector.

CASB SWG List 4 CASB SWG List 4

Create URL Block Rule

Next, on the SWG lab appliance we will create a new block rule within the URL Filtering / Default Rule Set, for URLs that matches an entry in the „Anonymous Data Upload Services“ list (type string). In our lab we will create a SmartMatch rule to match any combination of the list entries against the requested URL.

  1. From Policy > Rule Set menu, select the URL Filtering / Default rule set Add a rule and give it an appropriate name.

CASB SWG Block Rule 1 CASB SWG Block Rule 1

  1. Next, for Rule Criteria select URL.SmartMatchList and configure the ”Anonymous Data Upload Services” list as Parameter.

  2. Set the Operator/Value to “equals true”

CASB SWG Block Rule 2 CASB SWG Block Rule 2

  1. Next, assign the Action “Block” and select an appropriate block page in the Settings

CASB SWG Block Rule 3 CASB SWG Block Rule 3

  1. Finish the policy configuration and save all changes.