Rule Set Prerequisites
Some rule sets have prerequisites that must be met before they can be fully configured and ready for use in your web policy.
Rule set | Prerequisites |
---|---|
Activity Control |
This rule set gives you fine-grained control over the cloud services in the Service Catalog, allowing you to select which activities you want blocked instead of blocking entire services. For example, you can select Box from the Service Catalog, then select download and upload activities for blocking, while allowing edit and post activities. Before you can configure these rules, you must add cloud services from the Service Catalog. Prerequisites:
|
Advanced Threat Defense | This rule set sends web objects to Gateway ATD for in-depth static and dynamic analysis according to the rules that you configure. For example, you can allow some media types to skip ATD processing, while requiring other media types to be processed by ATD.
Prerequisites:
|
Application Blocking | This rule set blocks access to configured groups of cloud services called Service Groups. Before you can add Service Groups to this rule set, you must create them.
Prerequisites:
|
Certificate Verification |
This rule set verifies certificates according to certificate verification rules that you customize for your organization. For example, you can configure the certificate verification process to be more or less restrictive. For the certificate verification rules to take effect, you must first provide at least one CA certificate. Prerequisites:
|
DLP Dictionary |
This rule set blocks the transfer of sensitive information outside your organization according to the DLP dictionary rules that you configure. For this rule set to work for your organization, you must customize the default DLP Dictionary. Prerequisites:
|
DLP ICAP Server |
This rule set sends files to DLP ICAP servers according to the rules that you configure. For example, you can send all files or send only the file types that you specify. For the DLP ICAP server rules to take effect, you must configure at least one DLP ICAP server. Prerequisites:
|
Next Hop Proxy |
This rule set forwards web traffic to proxy servers according to the next hop proxy rules that you configure. For example, you can forward all traffic or forward only risky traffic. For the next hop proxy rules to take effect, you must configure at least one proxy server. Adding more than one proxy server enables round robin load balancing. Prerequisites:
|
Tenant Restriction |
This rule set blocks users from accessing sanctioned cloud services through their personal accounts, while allowing access to these services through the accounts that you configure. To configure each tenant restriction rule, you need these application-specific details. Prerequisites:
|
YouTube Control |
This rule set filters YouTube traffic according to the rules you configure. For example, you can block traffic by title or category and allow or block traffic by channel. WGCS filters traffic by checking the metadata sent with a video stream over the YouTube API. Before you can configure the YouTube rules, you must provide your YouTube API key. Prerequisites:
|