Guides
Secure Access Help Center

Add Destinations for Internet Security Bypass

You can configure certain destinations in Cisco Secure Access to bypass internet security for end users. To bypass internet security on a destination, add an IP address, CIDR block, or domain in Secure Access. After you add a destination to bypass internet security, you can view, edit, or delete the destination.

This guide describes the steps to add destinations in Secure Access where DNS requests for the destinations bypass the Secure Access DNS resolvers and Secure Web Gateway (SWG), or only the Secure Web Gateway.

Table of Contents

Prerequisites

  • Full Admin user role. For more information, see Manage Accounts.
  • User devices must have the Cisco Secure Client deployed with the Umbrella Roaming Security module or deploy a PAC file on the browsers in the environment.

Procedure

Add destinations in Secure Access to bypass internet security. Traffic for destinations that are added in Secure Access bypass the Secure Access DNS resolvers and Secure Web Gateway or the Secure Web Gateway only.

If you configure DNS requests to bypass the SWG and Secure Access DNS servers, the queries are sent to the organization's local DNS resolvers.

If you configure DNS requests to bypass the SWG only, the queries are sent to the Secure Access DNS servers and directly to the internet.

Steer Traffic to Secure Access or Bypass Domains

  1. Navigate to Connect > End User Connectivity > Internet Security , and then click Add Destination.

  2. Choose Bypass Secure Access to bypass the Secure Access SWG and DNS servers.
    a. For Destination, enter a domain name.
    b. (Optional) For Description, enter text that describes this domain.
    c. For Applies To, choose the Secure Access Sites for all devices that should bypass the domain.

  3. Choose Bypass web proxy only to bypass the Secure Web Gateway (SWG) only.
    a. For Destination, enter a domain name.
    b. (Optional) For Description, enter text that describes this destination.

  4. Click Save.

View Destinations for Internet Security Bypass

After you add the destinations in Secure Access to bypass internet security, you can view the details about the destinations.

  1. Navigate to Connect > End User Connectivity > Internet Security.

  2. View the domains that you added to the bypass internet security list in Secure Access.

    • Domain Name—The name of the domain.
    • Description—The text that describes the domain.
    • Intent—The type of domain, for example: Bypass Secure Access.
    • Applies to—The name of a Site or the location of the Secure Access Virtual Appliance (VA) deployment where the domain is bypassed.
    • Actions—The actions taken to manage the destination in Secure Access.

Manage Internet Security Bypass < Add Destinations for Internet Security Bypass > Edit Destination for Internet Security Bypass

Updated 8 days ago