Views:

Lists of the ranges and limitations for secure access rules, resources, and other features in the Zero Trust Secure Access app.

Secure Access rules

Feature
Limit
Risk Control rule
  • 500 rules
  • 100 users/groups per rule in classic view
  • 100 users/groups per Users node per rule in playbook view
  • 100 URL categories per rule
  • 100 custom cloud app categories per rule
  • 100 specific actions for supported cloud apps per rule
  • 50 Users node branches per customized rule in playbook view
    Note
    Note
    Customized rules are the rules created from New rule in playbook view.
  • 50 Condition node branches per Users node per customized rule in playbook view
Private Access rule
  • 2,000 rules
  • 100,000 users/groups per rule
  • 40 locations per rule
  • 40 internal apps per rule
Internet Access rule
  • 200 rules

Secure Access resources

Feature
Limit
Device Posture profile
  • 1,000 device posture profiles
File profile
  • 100 file profiles
Threat Protection rule
  • 100 Threat Protection rules
  • File size for File Scanning: 2 GB
  • File compression layers: 20
Data Loss Prevention rule
  • 100 Data Loss Prevention rules
AI Content Inspection rule
  • 100 AI Content Inspection rules
  • 128 characters per rule name
  • 128 characters per rule description
Custom URL category
  • 100 custom URL categories
  • 1,000 domain/keyword/URL entries per category
Custom Cloud App category
  • 200 custom cloud app categories
  • 200 cloud apps per category
IP Address group
  • 1,000 IP address groups
  • 100 IP addresses per group
Tenancy Restriction rule
  • 100 Tenancy Restriction rules
  • Applicable domains: 128 characters
  • Header field value: 1,024 characters
HTTP/HTTPS Traffic filter
  • 200 HTTP/HTTPS Traffic Filters
Data Loss Prevention template and data identifier
  • 100 Custom Expressions
  • 100 Custom File Attributes
  • 100 Custom Keyword Lists
  • 1000 Keywords for each custom Keyword List.
    Note
    Note
    Keywords must be 3-40 characters long.

Private Access configuration

Feature
Limit
Private Access connector
  • 20 Private Access Connector groups
  • 10 Private Access Connector virtual appliances per group
Internal app
  • 1,000 internal apps
  • 1,000 app group tags
  • 500 internal apps per app group tag
  • 1,000 internal apps in the user portal (Browser Access)
Certificate
  • 1,000 server certificates
  • 1,000 enrollment certificates

Internet Access and AI Service Access configuration

Feature
List
Gateways
  • 500 corporate network locations
  • 2,000 public IP addresses for corporate network locations per customer
  • 500 on-premises gateways
  • 100 Bandwidth control rules
  • 100 Rate limit rules
  • 100 LLM profiles
PAC file
  • 30 PAC files
HTTPS Inspection rule
  • 100 HTTPS inspection rules
HTTPS Inspection exception
  • 2,000 HTTPS inspection exceptions
  • 100 excluded subdomains per exception
  • Domain name: 255 characters
TLS/SSL certificate
  • 100 trusted root/intermediate certificates
  • 100 untrusted root/intermediate certificates
  • Root/intermediate certificate file size: 1 MB
  • Root/intermediate certificate file format: .pem (Base64 encoding), .p7b (ASCII)
  • 200 server certificates/common names
Allow List/Deny list
  • 1,000 allowed URLs
  • 1,000 denied URLs

Customization settings

Feature
Limit
Page banner
  • Image format: JPEG, JPG, PNG, SVG
  • Image size: 100 KB
  • Image dimensions: 24 x 24 pixels
Sign In page
  • 600 characters
User portal
  • 100 characters
Restricted Access page
  • Secure Access Module Notification: 160 characters
  • Other restricted access pages: 10,240 characters

AI Service Access

Feature
Limit
Rule
  • 100 rules
Rule name
  • 128 characters
Rule description
  • 128 characters