Cloud Access Rules

TMWS provides a combination of security and access policies for different needs, for example, authenticating certain users or groups, handling potentially malicious content, and controlling access to specific websites and website categories. You can add, modify, prioritize, and delete cloud access rules to allow TMWS to apply or skip policies depending on certain scenarios.

Go to Policies > Cloud Access Rules.

Manage cloud access rules.

Task	Details
Add/Edit a cloud access rule	Click Add or select an existing cloud access rule under Rule Name, and then specify the settings on the screen that appears. For details, see Configuring A Cloud Access Rule.
Delete a cloud access rule	Select one or several cloud access rules to delete and then click Delete. Do this if you no longer need a cloud access rule, instead of disabling it.
Duplicate a cloud access rule	This feature is a convenient way of adding a new cloud access rule with settings similar to an existing rule. Select a cloud access rule and click Duplicate. Under Rule Name, click the duplicated rule and then specify settings on the new screen that appears. Note: You can duplicate only one cloud access rule at a time.
View data in table columns	Click the arrow before the rule name to expand the rule details. Rule Name: Name of a cloud access rule. Note: before the rule name indicates that the cloud access rule is enabled. before the rule name indicates that the cloud access rule is disabled. Users / Groups: Users, user groups, or IP address groups that a cloud access rule applies to. Target Domains: Domains that a cloud access rule applies to. Gateways: Gateways that a cloud access rule applies to. Traffic Types: Application categories, URL categories, including customer-defined URL categories, and cloud applications that a cloud access rule applies to. All: The rule applies to all application categories, URL categories, and cloud applications. : Whether any application category is selected. : Whether any URL category is selected. : Whether any customer-defined URL category is selected. : Whether any cloud application is selected. Cloud Services: Cloud service filters that a cloud access rule applies to. : Whether any cloud service filter is selected. Content Types: Content types that a cloud access rule applies to. All: The rule applies to all content types. : Whether any MIME content type is selected. : Whether any file name is specified. : Whether any true file type is selected. Action: Whether to allow or block the web traffic that matches the settings in Traffic Types and Content Types. : Allow : Block Security Templates: Threat Protection template and Data Loss Prevention profile used in a cloud access rule.
Prioritize cloud access rules	After creating more than one cloud access rule, you can prioritize them to determine which cloud access rules take precedence when applied. Use either of the following ways: Select a cloud access rule and then click Move to move it up or down to a specific position or to the top or bottom as necessary. Hold the part in the front of a cloud access rule, and then use drag-and-drop to move it to a specific position as necessary. Note: The default cloud access rule always has the lowest priority, and the Move action does not apply.
Enable/Disable a cloud access rule	Use either of the following ways: Select one or several cloud access rules to enable or disable, and then click More > Enable or Disable. Click or before a cloud access rule to enable or disable it as necessary. Note: The default cloud access rule is always enabled and cannot be disabled.
Search for a cloud access rule	Type a keyword or part of the keyword related to either column in the table in the Search text box. Note: If there are many entries in the table, type some characters in the Search text box to narrow down the entries. As you type, the entries that match the characters you typed are displayed immediately.