Policy Inheritance and Customization
Last updated
Last updated
Any new policy you create will inherit the entire base policy. An “Inherits Base” tag is visible in all the policy screens to highlight this.
A policy that inherits from Base Policy will be automatically updated when an update is made to the Base Policy.
A policy section will become customized once any edits are made to that section.
Once a policy section is customized, any edits made within the policy section will only affect that policy.
A policy has the following sections:
Dope Categories (includes Custom Categories)
Cloud Application Control
Bypass
Domain Bypass
Application Bypass
Any of the following edits will result in the section becoming Customized:
Restriction level change for parent category, subcategory, and custom category
New policy exceptions
Updates to the block, security risk, and warning page assignments
Any of the following edits will result in the section becoming Customized:
Addition of a new domain, sub domain, tenant ID, or account ID to any application
Enabling a Cloud Application not already enabled
Disabling a Cloud Application already enabled
Any of the following edits will result in the section becoming Customized:
Addition or deletion of a domain
Any of the following edits will result in the section becoming Customized:
Addition or deletion of an application
For a policy that inherits from base, you can jump back to the base policy by hovering over the “Inherits Base” tag . This will change to a “Go to Base Policy” tag when hovering. If you choose to select, you will be taken to the same policy section of the Base Policy.
For a customized policy section you can revert it back to Base Policy by simply hovering over the “Customized” tag . This will change to a “Reset Policy” tag when hovering. Selecting the Arrow icon will revert the policy section back to the Base configuration.
