Policy Tester

The Policy Tester can be accessed on the SWG tab, or inside of a SWG policy. With it, you will see exactly how a URL will be treated for a specific user or group without testing on your laptop. It mirrors the policy engine on the endpoint, so you can validate changes without asking users to reproduce on their device.

Use it to:

  • Debug access issues for a user or group

  • Verify new or edited policies before rollout

  • Confirm that exceptions are working

  • Check the category of a website

Find the policy tester at the bottom right of the SWG tab

No device-endpoint state The Policy Tester will not know if a user clicked “Proceed” on a warning page on their device. If an endpoint is currently allowing a site because the user accepted a warning, the Policy Tester will show the verdict (e.g., Warn) No network conditions The tool does not simulate TLS errors or connectivity issues. It answers only: “If this traffic reaches dope.endpoint and is evaluated by policy, what should happen?”

Use logs for history Policy Tester shows expected behavior, not past events. To see what actually happened for a real request, use your activity or SIEM logs alongside this tool

Running a test

  1. Select the user or group Start typing a name or email in Search User/Group and pick the correct identity. This determines which policy will be evaluated.

  2. Enter the URL Type a domain (thepiratebay.org) or full URL (https://thepiratebay.org/).

  3. Click Go Policy Tester evaluates the request and shows the result under Status

Understanding the results

Status can be:

  • Allowed

  • Warn

  • Blocked

Explanations:

  • Policy assignment: Shows the policy applied to the selected user/group

  • Category restrictions: Shows the categories of the URL and any restrictions, e.g.: The Category "Torrents/P2P" has restrictions

  • Other rule matches: Indicates any custom URL rules or app controls that influenced the verdict.

PreviousCustom PolicyNextPolicy Assignment

Last updated