Scoping with Rule Sets
By default, the rules in the rule sets apply to all web traffic. You can limit the scope of each rule set by configuring any of the following criteria:
-
Location. Any location name configured in the UI for web policy. For example, you can select a location named Europe and specify that a rule set only applies to web traffic inside that region.
-
Client IP. The Client IP is the IP address of the endpoint. Endpoints include the laptops and devices that your users are using to access the internet. You can select one or more lists of IP address ranges and specify whether the rule set applies to traffic having a client IP address in these lists or not in these lists.
-
Connection IP. The Connection IP is the IP address of the firewall or other device between your organization's network and the cloud (your public IP address). You can select one or more lists of Connection IP address ranges and specify whether the rule set applies to traffic having a connection IP address in the lists or not in the lists.
-
User Group. Names of one or more groups where the user making the web request is a member.
-
User Name. Name of the user making the web request.