Gatelet policy to block external/personal gmail etc.. with WSS integration

book

Article ID: 184630

calendar_today

Updated On:

Products

CASB Audit CASB Gateway Advanced Data Loss Prevention Cloud Package

Issue/Introduction

The use case is to block external/personal gmail, drive etc... access from users on the enterprise network

WSS Integrated with SSL Interception

Certain functions that bounce to accounts.google.com to authenticate would switch to the google cert instead of applying the WSS cert that is expected in order to block access to external/personal account access.

Cause

Turned out the problem was an obscure issue...where enabling Google SafeSearch caused some cases where "drive.google.com" and "accounts.google.com" would NOT get SSL Intercepted.

   

-   SSL Interception and Decryption is required for content to get analyzed by CASB.

   

 

Resolution

- DISABLE Google SafeSearch in WSS...and confirm that CASB events and alerts are properly working.