Register Cloud SWG (WSS) on Edge SWG (ProxySG)
search cancel

Register Cloud SWG (WSS) on Edge SWG (ProxySG)

book

Article ID: 170563

calendar_today

Updated On:

Products

Cloud Secure Web Gateway - Cloud SWG ProxySG Software - SGOS

Issue/Introduction

When using the feature to Register Cloud SWG (WSS) and Edge SWG (ProxySG) in the current system, the only permitted username is sg-register.

The password for the service is generated as a token in the WSS portal. WSS uses this token to identify the appropriate Web Security Service account.

This article details the steps to configure Cloud SWG (WSS) and Edge SWG (ProxySG) integration.

Environment

Register proxy device to cloud method works with license type with fixed single serial number.

With ISG Proxy enterprise license, same serial number can be used to create multiple proxy applications.

Ref--https://techdocs.broadcom.com/us/en/symantec-security-software/web-and-network-security/integrated-secure-gateway/2-4/About-ISG/About-Licensing.html

As cloudSWG would not able recognize unique devices proxy forwarding method needs to used.  

https://techdocs.broadcom.com/us/en/symantec-security-software/web-and-network-security/cloud-swg/help/conn-matrix/conn-about-proxyforward.html

Resolution

This configuration takes place in two parts - Configure WSS to expect a connection from your ProxySG appliance(s) using a unique token, then configure your ProxySG appliance(s) to use that token.

Cloud SWG (WSS) Web Security Service Portal

  1. Log in to your account on the WSS portal at https://portal.threatpulse.com.
  2. From Account Configuration > Products & Licensing, select On-Premises ProxySG under Linked Products.
  3. Click New Token. The portal displays the New Integration dialog, prompting you to pick up the Token and its settings.

  4. You can set the token generated by the portal to expire by a certain time or date, after a specific amount of use, or never. Select the option appropriate to your configuration.
    NOTE: The same token can be used on multiple ProxySG appliances, as long as it is valid. 
  5. Right-click the token field and select copy to save the token to your local system's clipboard. This token is the password for your connection from EdgeSWG (proxySG) to CloudSWG (WSS).

ProxySG

  1. Connect to your Edge SWG (ProxySG) appliance(s) via GUI and go to Configuration tab:
  2. Under Cloud Configuration > Cloud Registration > Register This Device
  3. Enter "sg-register" as the username, Token as a password and add the location name so it would be added to the Cloud portal for incoming user traffic.

Additional Information

https://techdocs.broadcom.com/us/en/symantec-security-software/web-and-network-security/web-security-service/help/wss-api/api-keys.html

Powered by Wolken Software