Go to the table of contents Go to the previous page Go to the next page View or print as PDF
Defining Web Policies > Cloud Apps tab
Cloud Apps tab
 
Note 
The cloud service includes a database of cloud applications that can be used to allow or block user access to selected applications.
Click the Cloud Apps tab to configure a list of cloud apps to be blocked and a separate list of cloud apps to be allowed by this policy.
Note that customers who have licensed and use the Protected Cloud Apps feature will see slight differences when using the Cloud Apps tab. See Using the Cloud Apps tab with Protected Cloud Apps below.
1.
Enable Block all high risk level applications to block access to any cloud app that is considered high risk.
The number of high risk applications is provided in a link that can be used to open a scrollable list of the qualifying apps. When the list is open, use your browser search feature to locate specific apps.
2.
Click the link to the Cloud Apps block page to navigate to Web > Block & Notification Pages > Page Details and customize the block page created specifically for blocking user access to cloud apps.
3.
In the Block Access list, select specific cloud apps that should always be blocked, regardless of their risk level.
a.
b.
Note that, if Block all high risk level applications has been selected, the selection list is limited to medium and low risk apps. Search results provide only the total number of high risk apps.
c.
Apps that have already been included in the Allow Access list cannot be selected. They must first be removed from that list.
Click Done when you have finished making your selections. Each selected cloud app is added to the blocked list.
d.
The number of selected apps included in each risk level is provided next to the risk level name. Cloud apps in the list are sorted alphabetically within each risk level.
If Block all high risk level applications was enabled, the risk level and total is automatically included in the list. The actual apps are not listed. If one of the high risk apps is specifically selected in the Allow Access list, the count is reduced by the number of high risk apps allowed.
 
Important 
The Block Access list takes precedence over actions assigned on the Web Categories tab. If a blocked cloud app is requested using a URL categorized in a category that is set to allow, access to it is blocked.
4.
In the Allow Access list, select cloud apps that should always be permitted.
a.
b.
c.
Apps that have been included on the Block Access list cannot be selected. They must first be removed from that list.
Click Done when you have finished making your selections. Each selected cloud app is added to the permitted list.
 
Important 
The Allow Access list takes precedence over the Block all high risk level applications option. Access to a high risk app that is on the permitted list is allowed even if Block all high risk level applications is enabled.
d.
The number of selected apps included in each risk level is provided next to the risk level name. Cloud apps in the list are sorted alphabetically within each risk level.
 
5.
Click Save.
 
Important 
Block actions assigned on the Web Categories tab take precedence over the Allow Access list. If a permitted cloud app is requested using a URL categorized in a category that is set to block, access to it is blocked.
A count of the number of selected apps is provided above each selection pane. Each list is limited to 100 selections. When the limit is reached, search results no longer allow selection of additional apps. An app that was previously selected must first be removed from the list.
Using the Cloud Apps tab with Protected Cloud Apps
When the Protected Cloud App feature has been enabled (see Configure protected cloud apps for details), the selections made on the Web > Settings > Protected Cloud Apps page impact the Block Access and Allow Access selections.
*
To easily find them, use a hash mark at the beginning of the search string.
*
Cloud apps selected on Web > Settings > Protected Cloud Apps as a protected app are automatically selected on the Allow Access list. They appear in search results on both lists, but cannot be selected or removed on either.
Attempts by an end user to access these apps are forwarded to Forcepoint CASB for analysis and policy enforcement unless the app is in a blocked category (configured on the Web Categories tab).
*
Cloud apps listed but not selected on Web > Settings > Protected Cloud Apps can be either allowed or blocked on the Cloud Apps tab. If an app is blocked and later selected on Web > Settings > Protected Cloud Apps, it is automatically moved to the Allow Access list and marked as selected.

Go to the table of contents Go to the previous page Go to the next page View or print as PDF
Defining Web Policies > Cloud Apps tab
Copyright 2020 Forcepoint. All rights reserved.