search cancel

Domain listed under Trusted Destination is being blocked by Web Isolation policies

book

Article ID: 175431

calendar_today

Updated On:

Products

Web Security Service - WSS

Issue/Introduction

Web Isolation is blocking the domain being used even when the domain has been added as a Trusted Destination in the Web Security Service (WSS) portal.  

Environment

Web Security Service

Web Isolation

Cause

Web Isolation is set up with a policy to block and isolate suspicious websites. For example, a policy is set up to block domains with a risk classification rating of 5 - 10. The domain being accessed has a risk level of 10 and Web Isolation is isolating and blocking the domain. This will occur before the domain reaches WSS and, as a result, any of the rules listed under Trusted Destinations will not be applied.

Resolution

In addition to adding a domain to Trusted Destinations, the domain needs to be added to a policy under Web Isolation that is set to "Do not Isolate". This rule will tell Web Isolation to not isolate or block the domain and, as a result, the domain will reach WSS and will be evaluated under the policies listed in its configuration, including the Trusted Destinations.

To create a rule to exempt a domain from Web Isolation:

From within the WSS portal:

  1. Navigate to Policy > Web Isolation
  2. Select Add Rule
  3. Add the destination domain
  4. Set to Do not Isolate
  5. Click Add
  6. Click Activate Policy