Manage the Web Policy


Umbrella Packages and Feature Availability

Not all of the features described here are available to all Umbrella packages. Information about your current package is listed on the Admin > Licensing page. For more information, see Determine Your Current Package. If you encounter a feature here that you do not have access to, contact your sales representative for more information about your current package. See also, Cisco Umbrella Packages.

Umbrella's Web policy is the heart of its cloud-based Secure Internet Gateway (SIG) platform, providing URL-layer visibility, security, and enforcement to your organization's web traffic. There is only one Web policy, which is made up of rulesets and rules that set various security, permission, and access controls for your identities.


While the Web policy includes a configurable default ruleset that is applied to all identities, to take advantage of the various features offered by Umbrella's cloud-based SIG, add your own organization-centric rulesets and rules. You can add multiple rulesets and rules so that your various identities can be granted different permissions within the Web policy.

Note that while your identities can be added to any number of rulesets and rules, Umbrella applies the first matching ruleset to your identity and immediately stops evaluating. If no matching ruleset is found, Umbrella applies the default ruleset—listed as the default Web policy. Because of the way Umbrella evaluates identities against rulesets and rules, it's important that you configure rulesets and rules correctly for each of your organization's identities. An error in configuration may result in unintended results: identities being left unprotected to various threats or users accessing destinations you may want blocked. Plan and design your rulesets and rules before you build them.

Group Roaming Computers with Tags < Manage the Web Policy > Add a Ruleset to the Web Policy