CloudSOC (CASB) > Google GSuite Gatelet activated in CloudSOC Store
Created an 'Access Enforcement by Gatelet' policy to block users from logging into the Gmail service.
The expectation is the policy blocks only Gmail. However, the policy also blocks Google Drive and other apps included in GSuite.
Cause
The GSuite management of internal apps is all inclusive on the activity so the policy blocks anything related to any GSuite Service.
An Access Enforcement by Gatelet policy CloudSOC blocks activities based on the domain of the service.
Google shares domains across multiple products and services; blocking one affects all other Google services.
The images below illustrate a Policy set to block 'Gmail' yet when browsing (incognito) directly to Google Drive, the Policy is triggered and action is blocked.