Control Gatelet traffic based on the request attribute using a protect policy
search cancel

Control Gatelet traffic based on the request attribute using a protect policy

book

Article ID: 272758

calendar_today

Updated On:

Products

CASB Advanced Threat Protection CASB Gateway CASB Gateway Advanced CASB Security Advanced CASB Security Premium CASB Security Standard CASB Securlet SAAS With DLP-CDS

Issue/Introduction

The Access Enforcement Policy in Protect, gives a granular control over the sanctioned traffic using the request attribute, like the URL, URI, User-Agent header or the Content-type header.

Admins/Customers can leverage those controls for a wide range of use cases.

Examples:

1- Monitor (or Block) the traffic generated by non-standard browsers (using the user-agent header to control agents like GitHub agent or thick clients)

2- Restrict the internal users from signing up to a new Google personal account (which contains a specific keyword in the URL)

 

the options are limitless.

 

 

Resolution

1- Navigate to "Protect" then "Policy" then "Create a new Policy"

2- Name the Policy and select "Access Enforcement via Gatelet" for the Policy Type.

3- Define the policy further as needed (Gatelet, Groups, ..etc)

4- Locate the "Source" section and click on the dropdown list (By default it s set to "Platforms and Browsers")

5- Select "Request Attributes"

6- select "Selective"

7- Click on "Configure request attributes"

8- On the popped up screen, select the attributes you would like to use 

9- The conditions available are (equal case sensitive, not equal case sensitive, contains and does not contain)

10- The logical operators can be used to craft a more complex conditions using the OR/AND operators.

11- Set the proper response actions required (Block, Notify or Insert Header)

12- Save

Additional Information

The final policy would look like this:

Powered by Wolken Software