Working with Broadcom Support or searching on the Knowledge Base you are aware of the existence of Policy Fragments that are available to Broadcom Support but you would like to better understand what they are, why they are needed and what can be done with them.

WSS tenant with a Portal configuration (where the Policy source is the WSS Portal rather than an on-premise Management Center).

WSS Policy Fragments are custom CPL policy snippets.

They are created by Broadcom engineering based on internal or customer requirements (generally via Support cases).

They are generally needed when some features that are present in the WSS portal need to be heavily customised and where adding the customisation in the portal would not be beneficial to Broadcom or its customers. Policy Fragments can also be created to help resolve short lived issues, or to resolve very specific problems.

Once created they can be applied to any WSS tenant by Broadcom Support staff.

Currently there are 20+ Policy Fragments available to Broadcom Support.

Here is a short list of Policy Fragments that are used by our customers:

• Enable SSL Interception for Zoom V1
• Intercept TLS traffic to Azure AD login URLS
• Delete XFF header for reddit.com
• Domain Fronting Attack Policy V1
• SSL Intercept for Dropbox