Set up Browser Isolation
Browser Isolation is enabled through Secure Web Gateway HTTP policies. By default, no traffic is isolated until you have added an Isolate policy to your HTTP policies.
1. Connect devices to Cloudflare
Setup instructions vary depending on how you want to connect your devices to Cloudflare. Refer to the links below to view the setup guide for each deployment option.
2. Build an Isolation policy
To configure Browser Isolation policies:
- In , go to Gateway > Firewall Policies > HTTP.
- Select Add a policy and enter a name for the policy.
- Use the HTTP policy and to specify the websites or content you want to isolate.
- For Action, choose either or .
- (Optional) Configure for an Isolate policy.
- Select Create policy.
3. Check if a web page is isolated
Users can see if a webpage is isolated by using one of the following methods:
- Select the padlock in the address bar and check for the presence of a Cloudflare Root CA.
- Right-click the web page and view the context menu options.
A non-Cloudflare root certificate indicates that Cloudflare did not proxy this web page.
The right-click context menu will have all of the normal options.
A Cloudflare root certificate indicates traffic was proxied through Cloudflare Gateway.
The right-click context menu will be simplified.