Define the business policy in your SD-WAN Orchestrator to determine web security screening.

  1. From the navigation panel in the SD-WAN Orchestrator, go to Configure > Edges.
  2. In the Edges screen, click the Bus. Policy icon for your Edge.
  3. Click the New Rule button.
    1. In the Rule dialog box:
      1. Type in a name for the rule in the Rule Name textbox.
      2. In the Destination area of the Match section, choose your options. (Example options are shown below):
        1. Click the Define button.
        2. Choose Internet.
        3. Choose TCP from the Protocol drop-down menu.
        4. Type your port in the Ports text box. The image below shows an example using the port 80 option. VMware recommends using port 80 or port 443. See note at the end of this section for more information.
      3. In the Action area, choose your options. (Example options are shown below):
        1. For Priority, choose Normal.
        2. For Network Service, click Internet Backhaul and choose your Non VMware SD-WAN Site from the drop down menu.
        3. For Link Steering, choose an option (for example, by Service Group).
        4. For Service Class, choose Transactional.
    2. Click OK.

      complementary-config-zscaler-new-rule-80

      Note: VMware recommends business policy rules to Backhaul web traffic, specifically port 80 and 443. You can send all Internet traffic to Backhaul Zscaler. An image example using port 443 is shown below.

      complementary-config-zscaler-new-rule-443