API policies with content inspection type of Malware Scan
- In the Basic Details page, select Malware Scan.
- Select scanning options.Two options are available:
- Native Scan Engine uses the native scanning engine.
- External ATP Service uses an external service you choose from the ATP Service prompt.
- Click Next to select context options.
- In the Destinations pane, select one or more applications that you want this policy to apply to.
If you select a Google Drive application here, Secure Cloud Access might be unable to honor the policy for that application due to restrictions created by the Google cloud application’s behavior.
Select a Context Type. The options available depend on the cloud application that you selected. Options may include Users, User Groups, Folder (for some cloud applications), Folder Names, Sharing Type, File Sharing, and Folder Sharing.
To include more than one context type in the policy, click the + sign to the right of the Context Type field.
Enter or select the context details for the context type(s) you chose.
Context type Context details Users Enter valid user names or select All Users. User Groups User groups are organized into directories. When you select User Group as a context type, the available directories containing the groups are listed in the left column.
Select a directory to view the user groups it contains. The user groups for that directory are displayed.
Select the groups from the list and click the right-arrow icon to move them to the Selected User Groups column and click Save. These are the groups to which the policy will apply.
To search for a directory or group, click the Search icon at the top. To refresh the list, click the Refresh icon at the top.
Folder Select folders to be included in the policy actions. Folder Names Enter the names of folders to be included in the policy actions. Sharing Type Select a scope for sharing:
- External - Enter blocked domains and click Save.
- Internal
- Public
- Private
File Sharing Select a scope for file sharing:
- External - Enter blocked domains and click Save.
- Internal
- Public
- Private
Folder Sharing Select a scope for folder sharing:
- External - Enter blocked domains and click Save.
- Internal
- Public
- Private
- (Optional) Select any Context Exceptions (items that will be excluded from policy actions).
- Select a Content Action. The options include Allow & Log, Permanent Delete, and Quarantine.
(Optional) If you select Allow & Log or Permanent Delete, choose a notification type as a secondary action. Then, select an email or channel notification from the list.
If you select Quarantine, select Notification from the Quarantine Action & Notification list. Then, select a quarantine notification.
- Click Next and review the policy summary.If the policy includes a Salesforce cloud application, a
CRM column appears next to the FileSharing column.
- Then, perform any of these actions:
- Click Confirm to save and activate the policy. Once the policy is in effect, you can view policy activity through your dashboards on the Monitor page.
- Click Previous to go back to previous screens and edit information as needed. If you need to change the policy type, do so before you save it, because you cannot change the policy type after you save it.
- Click Cancel to cancel the policy.
