You can use Apps Firewall policies in combination for the most efficient workflow. For example, when you use Risky Access Scopes, Trusted Apps By Name, Trusted Access Scopes, and New Unclassified Apps policies the flow performs as follows:
- If an app satisfies the Risky Access Scopes policy criteria, that policy's workflow runs (usually to classify apps as Banned).
- When #1 is not true, and the app satisfies the Trusted Apps By Name criteria, that policy's workflow runs (usually to classify the app as Trusted).
- When #2 is not true and an app satisfies the Trusted Acces Scopes criteria, that policy's workflow runs (usually to classify the app as Trusted).
- When none of the above are true and an app satisfies the New Unclassified Apps criteria, that policy's workflow runs.
The two other Apps Firewall policies function only if the workflow has started by classifying apps:
- The Revoke Banned Apps policy works in conjunction with Risky Access Scopes to revoke policies classified as Banned.
- The Monitor Under Audit Apps policy works to filter and list apps classified as Monitor Under Audit for reviewing later.
Updated over 4 years ago