icon-unified.svg
Experience Center

Configuring Internet & SaaS for Isolation

Zscaler Isolation provides organizations with the capability to isolate web pages and categories of web pages, as well as isolate files downloaded from these web pages in a contained, temporary browser on the Zscaler cloud. Isolation offers complete integration with Zscaler Internet & SaaS, allowing admins to granularly define what web traffic from a user should be isolated and what policies need to be applied on the isolated traffic.

To learn about configuring Isolation for Private Applications, see Signing in to the Admin Portal and About Isolation Policy.

Users must first be authenticated for any traffic and web requests to be redirected to Isolation.

In this configuration, you will create a new URL Filtering Policy Rule in Internet & SaaS to forward traffic to Isolation.

Prerequisites

Creating a URL Filtering Policy Rule to Isolate Web Traffic

Users can only enable the Isolate action in a URL policy if:

  • The protocol is HTTP, HTTPS, or both.
  • The HTTP method is limited to CONNECT, GET, TRACE, or HEAD.
  • The user agent is comprised of a minimum of one or more known browsers.

These parameters are automatically set after your organization has enabled Isolation.

To create this policy:

  1. Go to Policies > Access Control > Internet & SaaS > URL Filtering.
  2. Select Add URL Filtering Rule.
  3. In the Add URL Filtering Rule window:
  4. Choose a URL Category and any other rule Criteria.

  1. Select Isolate for Web Traffic.
    The Isolation Profile drop-down menu appears.
  2. Choose the desired profile you want to isolate criteria-matching traffic for.

  1. Click Save to activate your changes.

Bandwidth Control is disabled for all traffic from the isolated browser destined to the Internet & SaaS Public Service Edges. To learn more, see About Bandwidth Control.

Related Articles
Configuring Internet & SaaS for IsolationSandbox Integration with IsolationUnderstanding Votiro Integration for Isolation