Service Groups allow services to be categorized into groups for Service Governance purposes. For example, you can build a Service Group based on risk score of cloud services that can help you enforce security policies. You can add a Service to multiple Service Groups.
You can also use Service Groups with integrated edge devices. See Firewall and Proxy Integration for more information about this powerful feature.
To manage Service Groups, go to Governance > Service Groups. From this page, you can view details about existing service groups or create a service group.
The following information and actions are available in the Service Groups table:
- Create Service Group. Click to Create a Service Group.
- Name. A descriptive name for the Service Group. Set when creating or editing a Service Group. Click to go to the Edit Service Group page.
- Active Services. The number of services that have been detected within your traffic logs processed by Skyhigh CASB. Click this number to go to the Services page filtered on the service group, which contains the full list of services in the group.
- Pending Approvals. The number of open requests waiting for approval by a user with security administrator privileges.
- Last Updated. The date when the Service Group was last edited.
Select a Service Group in the table to display a Group Details box on the right of the screen.
The Group Details box details the following information:
- Group Name. A descriptive name for the Service Group.
- Edit. Click to edit the Service Group.
- Delete. Click to delete the Service Group.
- Services. Click the arrow to download a CSV file report of the Services included in the Service Group. The CSV file includes the following columns: Service, Risk, Category, Current Group Assignment, and URLs. If there is more than one URL for a Service, they are included in the same column in a comma-separated list.
- Automatic Assignment. Communicates the status of automatic assignment setting. If on, the service group's inclusion criteria is evaluated daily against Skyhigh CASB's cloud registry. To use Automatic Assignment, see Automatically Add Services to Service Groups.
- Approvals. Communicates the status of the approval workflow setting. If on, a user with security admin privileges must approve all changes to service groups. To use the Approval Workflow feature, see Service Group Approval Workflows.
- Notifications. Communicates the status of notification settings. If enabled, any time a service is added or removed from the group, users with Compliance Manager and Governance roles, and emails listed in the Notification settings section. To use the Notifications feature, see Service Group Notifications.
- Last Updated. The date and time of the last edit to the group.
- Created. The date and time of the creation of the group.
- Created By. The user who created the group.
Service groups can also be used along with egress devices to set policies. For more information about policies, see About Cloud Access Policies.