Create a Real-time Protection Policy for Web Categories
When you have visibility into the web traffic and the activities performed by users, the next step is to define policies to enforce your business rules. Policies allow you to enforce an action (like block) based on web categories, users and groups, app activity, and so on. In addition to this, you can also define data loss prevention (DLP) and threat protection profiles to inspect traffic to prevent sensitive and critical data leaks and exposure. For a more detailed view of each policy, click the expand icon adjacent to the name of the policy.
You can move policies by dragging the icon beside the policy name. For more options, like cloning a policy, click the three dots to the far right of this policy to open a menu that enables you to clone, revert, disable, move, and delete policies.
Important
Policies are applied in the order they appear on this page. After you create Real-time Protection policies for web categories, move your Netskope Secure Web Gateway policies to the bottom of the page so they don't interfere with your SaaS traffic Real-time Protection policies.
The Real-time Protection Policies page also allows you to use search filters to find policies for specific users and apps. To use the search filters, click the filter icon to apply one or more filters. You can also search for information by clicking the plus sign to use the predefined filters.
Create an Real-time Protection Policy
Policies are defined using a set of variables. These variables define the criteria for detecting policy violations. When all criteria are matched the specified action is taken.
To create an Real-time Protection policy for Netskope Secure Web Gateway:
Go to Policies > Real-time Protection.
Click New policy and select Web Access.
For Source, select the Users, OU, Groups, or Unknown (all unauthenticated users) for which you want to grant access to the private app(s). Add criteria if desired.
For Destination, leave Category and select a category from the dropdown list. Select any activities or constraints you want to apply in the policy.
For Action, select Alert to monitor web traffic. To deny access, select Block.
Give the policy a name (like
Alert for questionable sites
), and then choose the notification template to use in the policy. When finished, click Save.Click Apply Changes.
To modify this policy, click on it and select the pencil icon next to the headings (like Action). After saving your changes, click Apply Changes.