Editing a cloud app filter

Use the Policy Management > Filters > Edit Cloud App Filter page to make changes to existing cloud app filters.
Important:

Edits to a cloud application filter affect every policy that enforces the filter.

Policies that enforce a cloud application filter with the same name in another delegated administration role are not affected.

The filter name and description appear at the top of the page.

  • Click Rename to change the filter name.

    Note that the rename option is not available for the Monitor Only filter.

  • Type in the Description field to change the filter description.

The number next to Policies using this filter shows how many policies currently use the selected filter. If the cloud app filter is active, click View Policies for a list of policies that enforce the filter.

The bottom portion of the page shows the details of the filter you selected.

To change the way clouds apps are filtered and logged:

Steps

  1. Enable Block all high risk apps to block access to any cloud app that is considered high risk.
  2. In the Blocked apps list, add specific cloud apps that should always be blocked, regardless of their risk level.
    1. Enter all or part of a cloud app name in the Search box.
    2. A drop-down list appears, containing cloud app names that qualify for the search. As text is entered, the list of qualifying apps changes to match the search criteria. Each entry includes the risk level assigned to it.

      Search results are listed alphabetically within each risk level.

    3. Select the app you wish to add to the blocked list from the list provided and click Add.

      The cloud app is added to the blocked list.

    4. Remove an app by selecting it from the list and clicking Delete.

      The number of apps included in the list is provided above the list box. Cloud apps in the list are sorted alphabetically within each risk level.

  3. In the Permitted apps list, add cloud apps that should always be permitted.
    1. Enter all or part of a cloud app name in the Search box.
    2. A drop-down list appears, containing cloud app names that qualify for the search. As text is entered, the list of qualifying apps changes to match the search criteria. Each entry includes the risk level assigned to it.

      Search results are listed alphabetically within each risk level.

    3. Select the app you wish to add to the permitted list from the list provided and click Add.

      The cloud app is added to the permitted list.

    4. Remove an app by selecting it from the list and clicking Delete.

    The number of apps included in the list is provided above the list box. Cloud apps in the list are sorted alphabetically within each risk level.

    Note: The Permitted apps list takes precedence over the Block all high risk apps option. Access to a high risk app that is on the permitted list is allowed even if Block all high risk apps is enabled.
  4. If an app is selected that is already included in the list, a message appears to indicate that the app is already listed.
    Click OK to close the message window. No further action is taken.
  5. If an app is selected for inclusion in the blocked or permitted list but is already in the other list, a message displays confirming that it should be removed from the original list and added to the new list.
    Click OK to remove it from the original list and add it as requested. Click Cancel to leave both lists unchanged.
  6. After editing the filter, click OK to cache your changes and return to the Filters page. Changes are not implemented until you click Save and Deploy.
    Note:

    When the Edit Cloud App Filters page displays, specific information from the cloud apps database is included. If communication with Cloud App Agent is lost, an error appears on the page. When this happens:

    • New apps cannot be added to the blocked or permitted lists.
    • Some of the details for existing filters is included, but details that are specifically pulled from the database (such as risk level) will be missing.
    • Although minimal changes can be made, it is advised that you wait until Cloud App Agent can communicate with Forcepoint Security Manager.

Next steps

To activate a new cloud app filter, add it to a policy and apply the policy to clients (see Web Protection Policies).

Delete a filter by selecting it in the list on the Filters page and clicking Delete. Filters that are used in a policy cannot be deleted. The Monitor Only filter cannot be deleted since it is used as the default cloud apps filter when a new policy is added.