You can configure a Smart Browser Isolation policy that automatically isolates potentially malicious web content using the AI/ML models. This policy identifies suspicious websites and decrypts them using SSL inspection and presents the users with a rendition of the actual websites in a remote browser using the Isolation.

Enable the Inspect Inbound Traffic and Inspect Outbound Traffic toggles on the Malware Protection page (Policy > Malware Protection > Malware Policy) for the Smart Browser Isolation policy to work.

To configure the Smart Browser Isolation policy:

1. Go to Policy > Secure Browsing.
2. On the Smart Isolate tab:
   • Enable AI/ML based Smart Browser Isolation: Enable this option to protect the users from suspicious websites hosting malicious active content using AI/ML models, which continually identify suspicious domains. Enabling this option automatically creates an editable SSL inspection rule to decrypt suspicious websites. Once this feature is enabled, the following option appears:
     • Users: Select the users to which the policy applies. You can select up to 4 users. If you select no values, policy evaluation ignores this criterion.
     • Groups: Select the groups to which the policy applies. You can select up to 8 groups. If you select no values, policy evaluation ignores this criterion.

     • Browser Isolation Profile: You can choose the isolation profile to which the policy applies.

       Ensure to create isolation profiles for your organization in the ZIA Admin Portal for them to be available in this field.

3. Click Save and activate the change.