Reach agent replaces with WSSA
CASB gatelets enabled with policies for specific users
CASB policies work fine but WSS logs showing that more than just CASB gatelet traffic is proxied into WSS
Traffic destined for on premise proxy is being intercepted by WSSA agent and sent into WSS
Windows client with WSSA 7.2.1 installed
CASB with a number of gatelets including O365, Google and Slack
If the option to disable the on premise proxy exists, disable it and only traffic destined for CASB will go into WSS.
If the option to disable the on premise proxy does not exist, please contact Broadcom WSS support to get build with a fix. This fix will eventually be included in the WSSA 7.3.1 build slated for March 2021.