Secure Web Proxy policies are based on two parameters: the traffic source and the allowed destination.
- To identify the traffic source, Secure Web Proxy uses attributes such as service accounts, Tags, and IP addresses.
- To determine the allowed destinations, Secure Web Proxy uses a domain, a full URL path (if TLS inspection is enabled), URL lists, or the destination port.
By default, Secure Web Proxy includes deny policies, which means that no traffic is allowed to egress through the proxy unless a specific rule is included in the policy.
Use the following attributes to let Secure Web Proxy identify the source traffic: