Our FW team is detecting a few connections made out to Cloud SWG. Are they legit?
WSSA
Need information about WSSA connectivity through the network in order to recognize legitimate traffic.
WSSA makes multiple connections to various Cloud SWG endpoints to establish a control path and a data path.
| URL | Notes |
| --- | --- |
| https://ctc.threatpulse.com | To get the connection configuration, including the IPs of the nearest datapods (DP). More information: How WSS Agent Connects to Cloud SWG (Web Security Service) |
| http://<DP_IP>/about/summary/health/status | To check the RTT (Round Trip Time) of all DP IPs it received from CTC. RTT does not include the SSL handshake delay. |
| OpenVPN connection to Cloud SWG DP | To create an OpenVPN tunnel between WSS Agent and Cloud SWG over UDP (preferred) or TCP port 443. That tunnel will be used for user traffic. |
Datapod IPs can be found in the article: Cloud SWG (formerly WSS) Ingress and Egress IP addresses
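To triage firewall records against the three connection types in the table, the following added example (not Broadcom code) classifies each outbound record as CTC control traffic, a datapod RTT probe, the OpenVPN data tunnel, or unexpected. The record fields (`dst`, `host`, `proto`, `dport`, `path`), the datapod range and the sample records are assumptions made for the example; the real datapod ranges come from the ingress and egress IP article.

```python
import ipaddress

# Assumption: placeholder datapod range (RFC 5737 documentation space).
# Replace it with the ranges from the Ingress and Egress IP addresses article.
DATAPOD_NETS = [ipaddress.ip_network("192.0.2.0/24")]
CTC_HOST = "ctc.threatpulse.com"
RTT_PATH = "/about/summary/health/status"

def is_datapod(ip):
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in DATAPOD_NETS)

def classify(rec):
    """Map one firewall record to the WSSA connection it matches, if any."""
    proto, port = rec["proto"].lower(), rec["dport"]
    host = (rec.get("host") or "").lower().rstrip(".")
    # CTC is matched by hostname (SNI or DNS name logged by the firewall).
    if host == CTC_HOST and proto == "tcp" and port == 443:
        return "control: CTC configuration fetch"
    if not is_datapod(rec["dst"]):
        return "unexpected: destination is not a known datapod"
    if proto == "tcp" and port == 80:
        # Port 80 is inferred from the http:// scheme of the RTT probe URL.
        # A record without a path (no HTTP inspection) is accepted as a probe.
        if rec.get("path") in (None, RTT_PATH):
            return "control: datapod RTT probe"
        return "unexpected: HTTP path is not the RTT probe"
    if port == 443 and proto in ("udp", "tcp"):
        # The tunnel is read here as UDP 443 (preferred) or TCP 443.
        return "data: OpenVPN tunnel over " + proto.upper()
    return "unexpected: port/protocol not used by WSSA"

def triage(records):
    return [classify(r) for r in records]

# Constructed sample records, not real firewall output.
SAMPLE = [
    {"dst": "198.51.100.7", "host": "ctc.threatpulse.com", "proto": "tcp", "dport": 443},
    {"dst": "192.0.2.10", "proto": "tcp", "dport": 80, "path": RTT_PATH},
    {"dst": "192.0.2.10", "proto": "udp", "dport": 443},
    {"dst": "192.0.2.11", "proto": "tcp", "dport": 443},
    {"dst": "192.0.2.10", "proto": "tcp", "dport": 80, "path": "/upload"},
    {"dst": "203.0.113.5", "proto": "udp", "dport": 443},
    {"dst": "192.0.2.10", "proto": "tcp", "dport": 22},
]

if __name__ == "__main__":
    for rec, verdict in zip(SAMPLE, triage(SAMPLE)):
        print(rec["dst"], rec["proto"], rec["dport"], "->", verdict)
```

Records labelled `unexpected` are the ones worth a closer look; everything else matches a connection WSSA is documented to make.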