When running Secure Web Gateway under Security Service Edge, you can create and maintain user lists to support the rules of your web policy. To fill a list with user data, you can import this data from a user group that has been set up using attributes and attribute values retrieved from an Active Directory (AD) service.
This requires that you have configured these attributes as custom attributes, which you can do as part of the Skyhigh CASB Cloud Connector configuration. The import function allows you to work with user data for your web policy that is synchronized with the data retrieved for setting up a Skyhigh CASB user group. This ensures you work with consistent user data across different components of the Security Service Edge solution.
For more information about how to set up a user group that you can select when importing user data into a list for your web policy, see Create a DLP User Group.
To import user data:
- Select Policy > Web Policy > List Catalog.
- Under List Catalog on the left, click String, then click . . . (three dots) next to it, and select Add new list.
- Under Name this new (String) list, type a name for the new user list. Optionally, type a plain-text description of the new list in the text box below.
- From the Actions menu in the top right corner, select Import from User Groups.
- In the User Groups window that opens, select a user group, then click Import.
Your new list is filled with the user names that were in the selected user group.
- Click Save.
Your new user list is added to String category of the list catalog.
You can now use this list in a rule of your web policy, but you cannot edit it, as this would impact the synchronized status of the user data.