Tags
documentation vendor notice security dashboard events resolution remote tool partner onboard itarian unknown file hunter TLS Encryption procedure parameters pass profiles history performance metrics real time remote endpoints download browse Subscriptions service URL Security Components system Global Software Inventory 2 minutes Integrate intagrate Active Directory Portable Interception SSL enable reporting Rule Threat Protection Rule Advance spam Customize archived outgoing incoming administrator validate domains add Antispam type PCI data loss Location Network information start software session extensions appoinments resource connection computers Comodo Rescue Disk infected opportunity opportunities custom relationship management quote COMODO-CRM protect mac device email notifications registry COM Quarantined point system restore msi contained applications processes security client events Release date department registration particular os section Two Factor Authentication Login interface dashboard report generate Direct Download Link One drive Google drive HIPS mode cleanup automatic suspicious suspicious certificates shellcode injection detect Elevated Access system user access default charging groups move current malware list store push IP address ip installer acronis auto-remediation server machine icon Product Logos Rebrand backup Device Control data Chromoting WebRTC ports Protocol skip offline manual time entries ticket assignee Help Guide Tour schedule Reschedule appointment unknown application protection virtual desktop Local Verdict server manage calculation cost configuration charging SD contract prepaid hours products classification inventory analyze Device list OS patches global search bar Tool bar Windows Defender Security Center file group white Citrix record SPF work billable time onsite email template template variables emails Gmail SMTP disable Add collaborators admin action Audit logs feature requests submit vote remotely Reset proxy swg secure web gateway dome error disk ticket detail page thread section tickets section internal notes Sub-help topic help topic features Application control white_list Patch Management child parent scheduled customized get to headers columns company restrict customer technician remote access list iOS devices field Reports iOS device APN Certificate MAC OS X options Linux block Comodo Client Communication (CCC) allow Comodo Client Security (CCS) network zones active component tray icon hide show packages additional install block port baseline installation package bulk implement restrict firewall endpoints security and communication global export virus import Database folders files define exclusions change staff admin rating check reassign assign permissions new role create for user of device enroll associated use how profile specific Removing Devices Uninstall windows profile Configuration templates latest version clients comodo file ratings monitoring script procedure custom All Devices Ratings Track widgets Agent valkyrie malware files Kill chain report automated establishing endpoint remote session Users prevent Android organization windows assets Mac OS billing identified threats Sort Closed inside Program executed containment service desk remote control Locally runs update scan antivirus SLA Business Hours control CCS Password access Client Auto Specific Device Response Application Third party Status View Logs intended devices alert fails Company Information Configure Verdict Patch Procedures Executable Comodo Internet Security ITSM Analysis Command Line Heuristic Filter Unrecognized Trusted File Rate Malicious Purge Calendar Device Exclusion USB Admin Panel Settings ticket Default system-wide Specific Path Details Monitor Multi Set Currency Connected Who Quick Actions Comparison Version Enterprise Managed Service Provider C1 Portal Remote management Comodo Remote Control ticket management staff panel assign tickets
More

How to Create Policy

Release Time
11/28/2017
Views
1501 times
Category
Dome Secure Web Gateway
Tags

Environment : Comodo Dome Secure Web Gateway 

Summary : After enrolling networks as explained in how-to-add-new-location, the default global policy will be applied automatically to end users in your networks. Dome SWG allows you to create new policies then deploy them to your networks as required. In addition, you can also create and deploy polices that are tailored for specific users, groups and departments

Prerequisites

- It is assumed that you have already C1 account 

- It is assumed that you have already Dome SWG instance in your C1 portal 

- It is assumed that you have already add your location (please read how-to-add-new-location )

Configuration Steps: 

Step 1 :  Connecting Dome SWG Portal 

i.  Login to C1 portal from https://one.comodo.com 

ii.  Go to Application --> cDome Standard 

iii.  Cdome Standard (SWG) portal will be opened on another tab

Step 2: Creating New Policy 

After enrolling networks as explained in how-to-add-new-location, the default global policy will be applied automatically to end users in your networks. Dome SWG allows you to create new policies then deploy them to your networks as required. In addition, you can also create and deploy polices that are tailored for specific users, groups and departments

i.  Go to Configuration -- > Policy

ii. Click on "New Policy" button 

iii.  Enter Policy Name and Remark (optional)

  • Policy Order : Select where the rule has to be placed. The drop-down will display the number of rules that are currently available. If you select '1', then the policy will be placed at the top of the list.
  • Name:Enter a name for the policy.
  • Remark : Enter appropriate comments for the policy.

iv.  Click 'Next'  to proceed 'Select Object' 

v.  In the 'Select Objects' section, you can specify the object(s) for which you want to apply the policy

  • Select Location – By default 'Any' will be selected. Click on the field and select the trusted network from the list. The networks that are added in Locations will be displayed from the drop-down including 'Roaming Users' to apply the policy to roaming devices. To add new location please see how-to-add-new-location
  • Select User – By default 'Any' will be selected. Click on the field and select the user(s) from the list. The users that are added in User Management will be displayed from the drop-down.
  • Select Group – By default 'Any' will be selected. Click on the field and select the group(s) from the list. The groups that are added in User Management will be displayed from the drop-down.
  • Select Department – By default 'Any' will be selected. Click on the field and select the department(s) from the list. The departments that are added in User Management will be displayed from the drop-down.

vi. Click 'Next' to process further 

vii. In Apply Policy section , you can specify the security and web content profiles that you want to add to the policy. 

  • Advanced Threat Protection Profile – The default profile will be selected. The drop-down will display the ATP exception profiles that are available in Security Policy section. Select the appropriate ATP profile from the list.
  • Containment – Select whether you want to run unknown files in the sandbox. Refer to the section 'Configuring Containerization Settings' for more details. By default, Containment is enabled.
  • URL Filtering Profile – The default profile will be selected. The drop-down will display the URL filtering profiles that are available in URL Filtering section. Select the appropriate URL filtering profile from the list.
  • SSL Inspection Settings - Allows you to configure how Dome Standard should act if SSL certificates for the visited websites are untrusted or revoked. Please note this is a global setting, meaning any modification done will apply for all the policies. Clicking the 'Show Details' link will open the 'SSL Inspection' page. Refer to the section 'Configuring SSL Inspection Settings' for more details.
  • File Type Control Policy – Displays file download restriction rules that were created in 'Configuration' > 'WebContent Policy' > 'File Type Control'. See File Type Control Rules for more about this area. Select the appropriate file control rule you wish to apply.

viii. Click Create button to apply your policy.