Web Security Service (WSS) Traffic Redirection (WTR) integrates Symantec Web Security Service functionality into Symantec Endpoint Protection as of version 14.0.1 MP1. Symantec Web Security Service provides broad connectivity options to securely redirect web traffic, whether the user is on-premises or off of the corporate network. Symantec Web Security Service offers several access methods. For more information, see:
By adding WSS Traffic Redirection to Symantec Endpoint Protection, you can automate web traffic redirection to Symantec Web Security Service and secure the web traffic on each endpoint that uses Symantec Endpoint Protection.
To use this feature within Symantec Endpoint Protection Manager, you must have a valid Web Security Service subscription license. Contact your account representative for a Web Security Service license.
Symantec Endpoint Protection updates the proxy configuration browser settings using WSS Traffic Redirection feature. Every time a user accesses a website using a web browser, the browser sends all web browser traffic through the nearest cloud-hosted Web Security Service as defined by a Proxy Auto Configuration (PAC) file. Based on the predefined configuration, the Symantec WSS proxy can redirect, allow, or block the traffic.
As of 14.2, you can allow enhanced client authentication with WSS and a more granular control of web traffic, based on the user who sends it.
Browsers that support WSS Traffic Redirection are:
Microsoft Internet Explorer 9 - 11
Macs support Apple Safari, Google Chrome, and Mozilla Firefox.
Firefox versions 65 and later are supported as of 14.2 RU1.
Configuring WSS Traffic Redirection
In Symantec Endpoint Protection Manager, click Policies > Integrations, and then open an Integrations policy.
Under Proxy auto-configuration (PAC) file URL, enter a valid PAC file URL.
You get this URL from the administrator in your network that manages Symantec Web Security Service. You can configure or edit this URL in Symantec Endpoint Protection Manager only.
Skip the following step if you use version 14.0.1.x.
You can add a WSS integration token to gather granular information to create per-user rules.
You can define the traffic interception port if the default of 2968 does not work in your environment.
For versions earlier than 14.2 RU1, the options Traffic interception port and WSS integration token apply only to Windows computers.
(Optional): Click Install the Symantec Web Security Service root certificate on clients to facilitate the protection of encrypted traffic to install the appropriate root certificate on Symantec Endpoint Protection clients to protect encrypted traffic.
After you assign the policy to client groups, Firefox users must restart the browser for WSS Traffic Redirection settings to apply.
If you click Mixed control under Client User Interface Control Settings and then click Customize, no option exists in the client user interface settings to configure WSS Traffic Redirection.
Subscribing will provide email updates when this Article is updated. Login is required.