Limitations of Actions within Content Filtering Policy for Web Security Service
search cancel

Limitations of Actions within Content Filtering Policy for Web Security Service


Article ID: 175582


Updated On:


Cloud Secure Web Gateway - Cloud SWG


A rule is created where one or more Actions within the Contents and Limits field are not working properly.


The Action may not be supported for the defined Web Application.


Rules created with Actions within Cloud SWG (Web Security Service - WSS) are only supported for specific web applications. Not all Web Applications support all Actions. Please refer to the Site Review page for the list of Web Applications and their supported Actions.

To ensure the functionality of this type of rule, it is recommended to create rules with Actions using Web Applications as the destination instead of other options such as URLs, IPs, and categories. However, if a rule is created using a URL, IP, or Category that happens to match one of the supported Web Applications and Actions, it may or may not work.

For example, Send Email is a supported action for the Gmail Web Application. If a rule is created that blocks the Send Email Action for the URL then it may work, but this cannot be guaranteed. Therefore, using Web Applications is the supported method of implementing Actions into rules in Content Filtering Policy.

Note: SSL Interception is required for full functionality of rules created with Web Applications and Actions. Depending on the Action, some rules will be required to be in either Group A or Group B. The portal will indicate this requirement when creating the rule. 

Note: The number of supported Web Applications and Actions increases for customers that have integrated CloudSOC Cloud Access Security Broker (CASB) with WSS. For more information about these Web Applications and Actions, refer to CASB documentation and Technical Support.