Common HTTP policies
The following policies are commonly used to secure HTTP traffic.
Block content categories
Block content categories which go against your organization’s acceptable use policy.
| Selector | Operator | Value | Action |
|---|---|---|---|
| Content categories | in | Adult Themes, Gambling | Block |
Block applications
Block content categories which go against your organization’s acceptable use policy.
| Selector | Operator | Value | Action |
|---|---|---|---|
| Application | in | Netflix | Block |
Check user identity
Configure access on a per user or group basis by adding identity-based conditions to your policies.
| Selector | Operator | Value | Action |
|---|---|---|---|
| Application | in | Salesforce | Block |
| User Group Names | in | Contractors |
Enforce device posture
Require devices to have certain software installed or other configuration attributes. For instructions on setting up a device posture check, refer to the device posture section.
| Selector | Operator | Value | Action |
|---|---|---|---|
| Passed Device Posture Checks | in | Minimum OS version |
Allow |
Enforce session duration
Require users to re-authenticate after a certain amount of time has elapsed.
Isolate high risk sites in remote browser
If you are using the Browser Isolation add-on, refer to our list of common Isolate policies.
Bypass inspection for self-signed certificates
When accessing origin servers with certificates not signed by a public certificate authority, you must bypass TLS decryption.
| Selector | Operator | Value | Action |
|---|---|---|---|
| Domain | in | internal.site.com |
Do Not Inspect |
Refer to the HTTP policies page for a comprehensive list of other selectors, operators, and actions.