Cloud SWG (formerly Web Security Service - WSS) is designed to block the types of websites that are a source of viruses, malicious content, and spyware (drive-by bots). The default and unalterable Content Filtering policy prevents access to malicious content websites. Default blocked categories are located in the following sub-groups:

• Security > Security Concerns: Spam
• Security > Security Threats: Malicious Outbound Data/Botnets, Malicious Sources/Malnets, Phishing, Proxy Avoidance
• Legal Liability > Liability Concerns: Child Pornography

No additional configuration is required. Cloud SWG does enable you to designate trusted sources and the destinations that are never scanned for malware.

You can exempt:

• Specific IP addresses and subnets—Use Case: Your employees routinely access information that is stored on an external server that isn't otherwise connected to the Internet.
• Domains/URLs—Use Case: Your employees routinely access information from a secure partner site.
• Categories—Use Case: You have a collection of categories that you want to be scanned only for risky files.
• Web Applications—Use Case: You feel financial applications, such as E*Trade, do not require malware scanning.

Cloud SWG (formerly Web Security Service - WSS)

To add traffic to Trusted Destinations:

1. Navigate to the Cloud SWG portal

2. Select Policy from the left-hand menu

3. Select Threat Protection

4. Select Trusted Destinations (G2 rule)

5. Select traffic from the available list and select add OR Select "New" to define a new IP, domain, etc.

6. Click Save

7. Be sure to click "Activate Policy" to ensure that the changes are applied.

If desired, create a new policy in the Content Filtering Rules to restrict broad access to the site(s). The policy can be used to restrict the access to only certain users, groups or access method for specific sites listed under Trusted Destinations.