How to prevent users from being routed to unexpected regions by the Skyhigh Web Gateway (Cloud) Global Routing Manager
Last Modified: 2023-06-08 11:00:59 Etc/GMT
Affected Products
Languages:
This article is available in the following languages:
Trellix CEO, Bryan Palma, explains the critical need for security that’s always learning.
As per Gartner, "XDR is an emerging technology that can offer improved threat prevention, detection and response."
Trellix announced the establishment of the Trellix Advanced Research Center to advance global threat intelligence.
Trellix Advanced Research Center analyzes threat data on ransomware, nation-states, sectors, vectors, LotL, MITRE ATT&CK techniques, and emails.
As of May 14, 2024, Knowledge Base (KB) articles will only be published and updated in our new Trellix Thrive Knowledge space.
Log in to the Thrive Portal using your OKTA credentials and start searching the new space. Legacy KB IDs are indexed and you will be able to find them easily just by typing the legacy KB ID.
How to prevent users from being routed to unexpected regions by the Skyhigh Web Gateway (Cloud) Global Routing Manager
Technical Articles ID:
KB87910
Last Modified: 2023-06-08 11:00:59 Etc/GMT Environment
Skyhigh Client Proxy (SCP) Skyhigh Web Gateway (SWG) (Cloud) Summary
The Global Routing Manager (GRM) routes user traffic based on the country in which their DNS server resides. Example: A client with offices worldwide might have an office in Argentina, but the DNS server used by this office is in Sweden. The users in Argentina would be routed to an SWG (Cloud) European data center because of the DNS server's location in Sweden. You can override the region that's automatically chosen and specify routing to a data center in a different region. SolutionThe delivery of localized web content depends on the geo proxy IP address that receives the original request from the client and forwards it to the destination web content service. This address can be a webpage or a search engine such as Google or Yahoo. The instructions below can help verify the incoming and outgoing IP address corresponding to the geo-located Point of Presence (POP).
To see what country the user is originating from, run the following commands from the client:
tzutil /g <Enter> nslookup -query=txt echo.saasprotection.com <Enter> nslookup -query=txt anycast.saasprotection.com <Enter>
dig anycast.saasprotection.com txt <Enter> dig echo.saasprotection.com txt <Enter> These queries return the following:
Example from Windows:
To override the region that's automatically chosen, append a region prefix to the proxy name. With the prefix, specify a preference for a PoP or data center of a specific region. For detailed instructions about how to append the country-specific and region-specific prefixes, see KB87631 - Configure Global Routing Manager country and region prefixes. Affected ProductsLanguages:This article is available in the following languages: |
|