| pcx_content_type | title | weight |
|---|---|---|
how-to |
Isolate self-hosted application |
4 |
{{
}} Requires Cloudflare Browser Isolation. {{}}With Access policies, you can require users to open self-hosted applications in a secure remote browser. Because the remote browser is directly integrated into our Secure Web Gateway platform, HTTP policies can be applied to isolated applications without needing to install the WARP client. This allows you to distribute internal applications to unmanaged users while retaining control over sensitive data.
{{}}
{{}}
Traffic to the isolated Access application is filtered by your Gateway HTTP policies. Useful policies include:
- Identity-based policies to allow or block requests based on user identity.
- Data Loss Prevention policies to log or block transmission of sensitive data.
- Isolation policies to disable browser actions such as copy/paste, printing, or file downloads.
For example, if your application is hosted on internal.site.com, the following policy blocks users from uploading and downloading credit card numbers within the remote browser:
| Selector | Operator | Value | Logic | Action |
|---|---|---|---|---|
| Domain | in | internal.site.com |
And | Block |
| DLP Profile | in | Financial Information |
For a list of products that are incompatible with the Isolate application feature, refer to Product Compatibility .