Hybrid solution A Web Protection license provides all components needed to set up the hybrid solution. When the hybrid solution is configured and enabled, the Web Gateway policy is pushed to McAfee WGCS at the synchronization interval you specify. Using the hybrid solution, you can: Apply one policy across your organization. Ensure that the policy is updated in the cloud when it is changed on premise through configured synchronization intervals or manual synchronization. On-premise and remote web access The hybrid solution provides web protection for your organization whether users are working inside or outside your local network. Components of the hybrid solutionThe hybrid solution integrates McAfee components installed on your network with McAfee cloud services. How it worksThe on-premise and cloud components of the hybrid solution are set up to protect your organization from threats that might arise when users access the web from inside or outside the network. Authentication considerations for the hybrid solutionMcAfee WGCS authenticates users when they are working outside the network. Authentication settings configured on premise and in the cloud must be compatible. Using your own SSL certificate with SAML authentication In a hybrid deployment, you can use your own SSL certificate with SAML authentication. Why some rules are restrictedNot all Web Gateway rules are compatible with McAfee WGCS. Hybrid data residency settings You can override McAfee WGCS data residency settings by adding a data residency event to Web Gateway policy rules. The event takes effect only when the hybrid solution is enabled.