search cancel

"Identify Traffic" options explained for SEP tunnel mode

book

Article ID: 253925

calendar_today

Updated On:

Products

Cloud Secure Web Gateway - Cloud SWG Endpoint Protection

Issue/Introduction

In configuring the SEP client to route traffic to the Web Security Service (WSS) using the SEP "tunnel" mode, what is the difference between the three options to identify user traffic: 

"Identify Traffic"

1. Based on the console user

2. Using WSS SAML authentication

3. Based on the running process


NOTE: these settings require SEP 14.3 RU5 (or later)

Resolution

To access the "Identify Traffic" options for the SEP "tunnel" mode: 


Login to the SEP Manager (SEP-M) and navigate to: 

Policies -> Web and Cloud Access Protection

"Redirection Method" drop-down, select: Tunnel

"Identify Traffic" drop-down (options explained below)


Based on the console user: 
- Accessed by RDP: NO
- Requires a WSS tunnel before login: NO
- Use on multi-user machine: NO

Using WSS SAML authentication: 
- Accessed by RDP: YES
- Requires a WSS tunnel before login: YES
- Use on multi-user machine: NO

Based on the running process: 
- Accessed by RDP: YES
- Requires a WSS tunnel before login: YES
- Use on multi-user machine: YES

 



Additional Information

SEP Web and Cloud Access Protection (WCAP) - Tunnel Mode

SEP reports “No user logged on at physical console” and fails to connect to WSS

Attachments