Guide
TrainingSupportCommunity

Enable walled garden

Suggest Edits

Enable walled garden

Before you begin
To configure the domains and IP addresses of traffic that you want to allow in a walled garden configuration, see Configure walled garden exceptions.

You can enable walled garden for ​ETP Client​ in a policy. When ​ETP Client​ is an unprotected state, this option blocks all traffic that’s not specified as an exception in the Local Bypass Settings. Currently, this feature is only supported on the Windows desktop client.

📘

When walled garden is enabled, ​ETP Client​ is configured as the local web proxy on the user’s device. As a result, the Overwrite Device Proxy setting is automatically changed to Yes.

To enable walled garden:

  1. In the Threat Protection menu of Enterprise Center, select Policies > Policies.

  2. Click the policy that you want, and select the Settings tab.

  3. Navigate to the ​ETP Client​ settings.

  4. Enable Walled Garden Exceptions.

  5. Click Save. If you want to save and deploy the policy update, click Save and Deploy.

Next steps
If you have not deployed the policy, deploy it to the ​SIA​ network. For instructions, see Deploy configuration changes.

Configure walled garden exceptions

You can configure the domains and IP addresses that you want to exempt from a walled garden configuration in ​ETP Client​. When walled garden is enabled in a policy and ​ETP Client​ is in an unprotected state, these domains and IP addresses are allowed.

To configure walled garden exceptions:

  1. In the Threat Protection menu of Enterprise Center, select Clients & Connectors > Local Bypass Settings.

  2. Expand the Domains Allowed in Walled Garden section and enter the domains and DNS suffixes that you want to allow when a walled garden is enabled for the client.

  3. Expand the IP Addresses Allowed in Walled Garden section, and enter the IP addresses that you want to allow when a walled garden is enabled for the client.

  4. Click Save. To save and deploy these settings, click Save and Deploy.

Next steps

Updated about 2 years ago