Athena SWG (Secure Web Gateway)

Athena SWG (formerly Internet Access Gateway) ensures visibility and control across the network, detecting risks like unauthorized access, non-compliant activities, and data leaks to manage endpoints.
{{ $t('productDocDetail.guideClickSwitch') }}
{{ $t('productDocDetail.know') }}
{{ $t('productDocDetail.dontRemind') }}
13.0.120
Athena SWG (Secure Web Gateway) {{ breadTitle }} User Manual Functions Bandwidth Management Bandwidth Channel Configuration Exclusion Rules
{{sendMatomoQuery("Athena SWG (Secure Web Gateway)","Exclusion Rules")}}

Exclusion Rules

{{ $t('productDocDetail.updateTime') }}: 2025-12-29

An exclusion policy is to transfer specified types of data through none of the Bandwidth Management channels. It helps prevent traffic control over the data. For example, suppose an IAG is deployed in bridge mode, and the DMZ of the front-end firewall is connected to some servers. In that case, Bandwidth Management is not required for the data exchanged with the servers over the intranet.

Because the data is not transferred over the Internet, it does not require Internet bandwidth control. In this case, an exclusion policy is implemented for the applications and IP addresses of the servers.

Scenario:

An IAG is deployed in bridge mode. The DMZ of the front-end firewall is connected to some servers, and an exclusion policy must be implemented for the data exchanged between the IAG and the servers.

Configuration steps:

Go to System > Objects > IP Address Database > IP Group, and add the IP addresses to be excluded.