Register Your
Web Security Service

This topic describes the information and steps required to register as the initial, primary administrator of your
Web Security Service
(WSS) portal account. 
When you access the
for the first time, the browser displays the first page of the Initial Configuration Wizard. The only required task is to define the administrator credentials, set an initial default policy template. You can perform all connection configurations and custom policy definitions at a later time.

Technical Requirements

Before initiating the registration process, you must have the following information:
  • A Subscription ID, which was sent in a Welcome email by
  • A Primary Administrator email address. Your
    portal account will be tied to this address.
  • The
    uses the Okta Identity Provider (IdP) to authorize Admin access:
    • If you had a Symantec NSL account before the migration to Okta, Symantec Enterprise sent you (the Admin address on record) an email that describes how to activate your new Okta account.
    • If access to your portal account requires authorization through a SAML IdP, Symantec Enterprise sent an additional email that provides assertions required to configure the IdP.
  • If you plan to download
    applications, such as the Auth Connector or WSS Agent, register your administrator email with Broadcom. See Register Email with Broadcom Enterprise.


Perform the following steps to help you complete the wizard.
Some wizard pages provide configuration options, such as adding a location or adding the
Auth Connector
. These configurations are required to complete the initial registration process. You can perform these specific connectivity method tasks from within the portal at any time following registration. Some methods require considerable planning. The options are provided for experienced
users who already know this information and require a quicker deployment process.
  1. In a browser, enter the following URL:
    Registration Page
    1. Enter the
      Email Address
      and name of who will be the primary
      Web Security Service
    2. Enter your
      Subscription ID
    3. Attest
      that you have read the EULA.
    4. Click
      The portal displays a dialog informing you to check the newly-registered email account.
      NSL Mail dialog
    5. In that email, copy the
      temporary password
    6. Close the dialog.
    7. Understand and accept the terms.
    8. Log in.
  2. If your company requires multiple-factor authentication (MFA), you are prompted to complete that setup.
    To perform post-registration MFA changes, access
  3. WSS
    begins the second initial configuration phase, the first of which is Product Configuration.
    Product Config
    Locate the
    Web Security
    product line and click the
    link, which is in the
  4. WSS
    displays the Default Policy page.
    Select policy source
    1. Select the
      Policy Source
      • Select
        WSS Portal
        , which is the cloud security service default.
      • The
        Management Center
        option applies only to theUnified Policy Enforcement  (UPE) solution. UPE uses Symantec Management Center to implement ProxySG appliance-defined policies in the portal. See the
        Symantec Unified Policy Enforcement Solution
    2. Default Policy Profile
      blocks access to known malware sources and some inappropriate content.
      • Liability Concerns
        • Child pornography
      • Security Concerns
        • Spam
      • Security Threats
        • Malicious Outbound Data/Botnets
        • Malicious Sources
        • Phishing
        • Proxy Avoidance
      The following policy controls provide a baseline policy against all other web content transactions:
      • Monitor
        —Provides only malware scanning. The following blocked categories cannot be changed by any policies:
        • Child pornography
        • Malicious Outbound Data/Botnets
        • Malicious Sources
        • Phishing
        • Proxy Avoidance
        • Spam
      • Standard
        — In addition to the
        categories, provides malware scanning plus blocks access to the most common questionable content such as mature:
        • Adult/Mature Content
        • Controlled Substances
        • Gambling
        • Hacking
        • Nudity
        • Peer-to-Peer (P2P)
        • Piracy/Copyright Concerns
        • Placeholders
        • Pornography
        • Potentially Unwanted Software
        • Remote Access Tools
        • Scam/Questionable/Illegal
        • Suspicious
      • High
        —In addition to the
        categories, this option provides malware scanning plus blocks access to the most common questionable content and common categories that are not work-related, such as social networking sites.
        • Dynamic DNS Host
        • Extreme
        • Intimate Apparel/Swimsuit
        • Mixed Content/Potentially Adult
        • Sex Education
        • Sexual Expression
        • Software Downloads
        • Violence/Hate/Racism
        • Weapons
      These selections serve as defaults. You can modify content filtering category and malware policies from the
      portal after completing the registration process.
    3. Click
  5. Privacy
    reports are generated from data in access logs, which are populated by employee web use. Your organization might require stricter privacy concerns. You can suppress information such as usernames from reports.
  6. The wizard progresses through three more screens:
    Mobile Users
    Static Location
    , and
    Auth Connector Setup
    . Each screen provides option to configure additional components. Advanced
    Admins will understand what these configurations are, but you can configure these connectivity and authentication methods at a later time. For each of these screens, click
  7. The final wizard screen confirms that you have completed the registration process. Click
    Go To Product Setup
    (lower-right corner).
  8. WSS
    returns to the Product Configuration screen. The
    Web Security
    product line now displays the
    Configuration Status
    . Click
    (lower-right corner).
    portal loads and displays the
    Overview Dashboard
    landing page. These reports are not populated until clients begin sending traffic to the service.

Portal Timeout

portal session timeout is set to 15 minutes. This value cannot be changed.

Next Step

You are ready to configure a connectivity method. Configure your network assets to route traffic to the service for threat protection and content policy checks.