Broken links and warnings accessing web isolated sites
Article ID: 211242
Updated On:
Products
Issue/Introduction
Users accessing WSS using explicit access method
Customer also using email cloud service
Users receiving emails with embedded links in will have them encoded to use eu-west-email-isolation.prod.fire.glass e.g. https://eu-west-email-isolation.prod.fire.glass/?url=https%3A%2F%2Fpsimagazine.co.uk%2Freliance-high-tech-and-secure-logiq-form-partnership%2F%3Fgeneral_portal_token%XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
When users click on link, they are presented with a warning about untrusted sites
Clicking advanced view certificate shows that the certificate issues is WSS CA
Imported trusted root to user machine and warning went away but blank page rendered
Visiting the site directly works e.g. https://psimagazine.co.uk/reliance-high-tech-and-secure-logiq-form-partnership/
Environment
Cloud Secure Web Gateway
Cause
Make sure that the WSS isolation requirements defined at https://techdocs.broadcom.com/us/en/symantec-security-software/web-and-network-security/web-security-service/help/about_malware_co/webiso_ta.html are followed, specifically with TLS inspections and root certificate imports.
Resolution
Make sure that TLS/SSL inspection is enabled on WSS side, and that the WSS root certificates are pushed down to all clients.
Feedback
