Where are the cookies stored?
Menlo has a cookie database which is stored outside the Disposable Virtual Container (DVC). These cookies are attached to a specific browser session.
How are cookies protected?
Cookies are associated with a specific user session; they are automatically encrypted and attached to the user's browsing session once the user has authenticated. A user cannot access another user's cookies.
How are cookies removed?
Cookies are removed when they are deleted from the local browser or when they expire.
How are cookies used in user authentication?
- When a user enters valid login details, they are authenticated and a safeview-id cookie is created which is unique for that user's credentials and browser connection.
- A different cookie _sc_token is set when using proxy mode.
For sites that are Allowed, the Security Policy does not include *.menlosecurity.com which means the user may have issues using reCAPTCHA as it will block the generation of a session cookie when the site redirects to safe.menlosecurity.com.