Users accessing internet sites via Cloud SWG using SEP Web and Cloud Access method in PAC file mode.
HTTP access logs occasionally missing HTTP request info from certain users.
Cloud SWG Portal reports not always showing up expected user traffic for certain users.
User browsing experience not impacted in anyway - can still access sites through Cloud SWG service.
Users experiencing not logged requests appear to do so when going through specific ISPs - tethering the host to the users mobile phone, taking a seperate network path into Cloud SWG, allows all requests to show up correctly in reports/access logs.
SEP 14.0.1 mp1 or later.
Web and Cloud Access Protection Policy enabled with PAC File traffic redirection mode enabled, for redirecting web traffic to Cloud SWG.
Certain internet service providers implement “non-standard” transparent content filtering controls in their networks that can make it difficult for Cloud SWG to determine the tenant of a SEP Agent PAC File Mode user.
When this occurs, the user’s traffic cannot be associated with a customer tenant and therefore will not be logged. In addition, the tenant policy will not be applied.
Instead, a generic policy is applied that ensures protection from malware and websites categorized as malicious.
In the Web and Cloud Access Protection Policy, switch from PAC File Mode to Tunnel Mode.
Aside from addressing the issue described in this article, Web and Cloud Access Tunnel Mode has these advantages: