WSS Agent calls to
search cancel

WSS Agent calls to


Article ID: 233726


Updated On:


Cloud Secure Web Gateway - Cloud SWG


As an administrator, I would like to know why the WSS agent is making calls to


Web Security Service

WSS Agent 7.x+


The WSS Agent making a call to is expected behavior as the agent is ready to support a future feature release.


In the proxy access logs or report, you will see tcp:// (initial request), ssl:// (SSL worker) and (decrypted) in the logs.

The WSS proxies are doing SSL interception on "exception" for this particular domain due to the fact that the domain is of interest to us.

Once the WSS SSL proxy decrypts the request and sees that the request is coming from WSS Agent user-agent. The proxy will return a DENIED with Verdict: client_id_agent_response.

This is based on our WSS central policy and it is expected. Once WSS enables the feature in a future release, the behavior could change.