How can i allow skype traffic through web Gateway? I know that there is a problem with SSL scanner and skype. Is there a way to use some unique skype property to create exception for skype in SSL scanner rule?
You can create an additionl proxy port to point skype to and then add an exception to the SSL Scanner rule set using Proxy.Port (ex: Proxy.Port does not equal <new proxy port>). You may also want to take it a step further and apply further restrictions to that new proxy port in your policy such as blocking HTTP protocol and placing restrictive category blocks so that it is.
I just did this as a matter of fact I am clicking "save changes" now as I type. There's a KB article here somewhere I used for this so it's not an original idea and it's pretty much what pbrickey suggested. Use another port then create a policy mapping and rule set to limit what that new policy can do. I locked it down to only users in a specific skype AD group and then blocked all traffic not IP to IP based. Works like a champ.