Views:

Define your corporate networks on the Internet Access Cloud Gateway to identify your internal users and apply more granular Secure Access Rules.

The Internet Access Cloud Gateway uses your corporate network locations to help identify your internal users' internet traffic. You can use these locations to create specific HTTPS inspection and Secure Access Rules for branch offices or departments, and define rule enforcement schedules based on time zones specified for these locations.
Important
Important
Customers using a proxy-based solution instead of the Secure Access Module are strongly recommended to configure corporate network locations to ensure that Zero Trust Secure Access Internet Access Gateway can properly identify your users' internet traffic.

Procedure

  1. On the Trend Vision One console, go to Zero Trust Secure AccessSecure Access ConfigurationInternet Access and AI Service Access Configuration.
  2. On the Gateways tab, click Add Corporate Location.
  3. Specify a unique name and a description for the gateway.
  4. Specify the static public IP addresses you would like to manage through the gateway.
  5. Select the geographical Time zone of the location.
  6. (Optional) Choose whether to allow endpoints without the Secure Access Module installed to bypass user authentication when connecting from specific private IP addresses.
    1. Search for existing private IP address groups to bypass authentication or create a new private IP address group.
    2. Choose specific private IP addresses from the selected groups to not be permitted to bypass authentication.
    Important
    Important
    • Private IP addresses must be present in the X-Forwarded-For HTTP request header in order to successfully bypass authentication.
    • When bypassing authentication while connecting through the Cloud Gateway, each private IP address is counted as a user in the Internet Access user count. For more information, see Credit requirements for Trend Vision One apps and services.
  7. Click Save.
    Note
    Note
    Zero Trust Secure Access Internet Access verifies each location added to the list. If the location is not verified within 7 days, Internet Access automatically removes the location from the list.