# WorkSpaces (Secure Browser)
WorkSpaces Secure Browser provides a protected environment for users to access private websites, software-as-a-service (SaaS) applications, and the public internet. WorkSpaces Secure Browser works with the browser running locally on the end-user’s device.
To enable **WorkSpaces Secure Browser** and set up logging, start by navigating to the WorkSpaces Manager console and toggling the Enable Secure Browser setting to "On" to display it in the menu. Next, create an S3 bucket by going to the **Amazon S3 Console** and setting up a bucket with a name like `workspacesweb-userlogs`. Note down the bucket name for later use. Proceed to the **Amazon Kinesis Console** first create a data stream starting the name with `amazon-workspaces-web-` and set Capacity mode to On-demand, click Create data stream.
Then go to WorkSpaces, under the drop down for **WorkSpaces Secure Browser** go to Portals and click the active Portal for WorkSpaces Web. Select Portal settings then edit nect to User access logging details and select the Kinesis data stream.
Back to the **Kinesis** dashboard and go to **Amazon Data Firehose**, create a Firehose stream Set the source to **Amazon Kinesis Data Streams** and the destination to **Amazon S3**. In the Source Settings, click Browse and select the Kinesis Data Stream that was created.
Then, in the Destination Settings, click Browse and choose the S3 bucket you just created. Once done, click Create Firehose Stream to complete the setup.
Finally, return to the WSM console, and in the configuration, add the **Bucket Name**, **Account ID**, and **Region**, then click Add to finalize the integration. This will complete the setup for enabling and logging WorkSpaces Secure Browser activity.
.png?alt=media&token=8d22acb3-de9c-4ca2-a714-d9848211dd61)
