Users accessing WSS using explicit access method
Customer also using email cloud service
Users receiving emails with embedded links in will have them encoded to use eu-west-email-isolation.prod.fire.glass e.g. https://eu-west-email-isolation.prod.fire.glass/?url=https%3A%2F%2Fpsimagazine.co.uk%2Freliance-high-tech-and-secure-logiq-form-partnership%2F%3Fgeneral_portal_token%3Da22d16c3a9c9d89990f743433ce9b82457e617447719cf96c7689135882b279f
When users click on link, they are presented with a warning about untrusted sites
Clicking advanced view certificate shows that the certificate issues is WSS CA
Imported trusted root to user machine and warning went away but blank page rendered
Visiting site directly it works e.g. https://psimagazine.co.uk/reliance-high-tech-and-secure-logiq-form-partnership/
Make sure that the isolation requirements defined at https://techdocs.broadcom.com/us/en/symantec-security-software/web-and-network-security/web-security-service/Help/Prevent_Malware_12/about_webiso_co.html are followed, specifically with TLS inspections and root certificate imports.
Make sure that TLS/SSL inspection is enabled on WSS side, and that the WSS root certificates are pushed down to all clients.