About Default Cloud SWG (WSS) Bypassed Sites
search cancel

About Default Cloud SWG (WSS) Bypassed Sites


Article ID: 150855


Updated On:


Cloud Secure Web Gateway - Cloud SWG


What websites or domains does Cloud SWG bypass by default?

For some websites, I notice my traffic is going direct.  Why is that?


Cloud SWG (WSS - Web Security Service)


To provide the best user experience possible, Symantec will occasionally add popular domains or IP ranges to the Cloud SWG default Bypassed Sites lists during major releases. Symantec uses its industry leading Global Intelligence Network to identify and validate new bypass candidates to ensure that they pose no security risk. The result is improved performance to end users who stream video content without the organization losing the ability to regulate access to the content. Current default entries include:

  • Googlevideo.com – YouTube media stream CDN
  • windowsupdate.com – Microsoft Windows updates
  • nflxext.com, nflxso.net, nflxvideo.net - Netflix CDN
  • webex.com, wbx2.com - Webex conferencing 
  • zoom.us - Zoom conferencing
  • dl.delivery.mp.microsoft.com - Microsoft updates


WSS Agent, Unfied Agent, and SEP Agent use the Bypassed Sites list to determine what requests should be sent directly to the content provider rather than through Cloud SWG. You can override these settings in the Cloud SWG portal by navigating to Connectivity > Bypass Traffic > Bypassed Domains.