Rule sets Rule sets contain rules for a handling a particular field of web security. These fields include anti-malware filtering, URL filtering, media type filtering, and others. Availability of rule sets Rule sets are made available for your administration activities as follows: Default rule sets — After the initial setup of Web Gateway, default rule sets are provided for some important fields of web security. You can modify, rename, and delete these rule sets and the rules within them later on and also create new rule sets and rules. Library rule sets — A built-in rule set library is shipped with Web Gateway. You can import rule sets from this library to cover more fields of web security or extend the coverage of the default fields. All default rule sets are also contained in this library. An online rule set library offers even more rule sets, which you can import with relevant documentation after accessing the built-in library. Rule set views When working with a default or library rule set, there are usually two views available: Key elements view — This view allows you to configure key elements of the rules in this rule set. Key elements are those parts of the rules that you will most likely want to work with when configuring your policy for a particular field of web security. They include, for example, lists of web objects or settings for modules. In some cases, you can also enable or disable a rule, but you cannot view any rule completely, nor perform any other activities where a complete rule would be involved, such as deleting or creating a rule. Complete rules view — This view allows you to view all rules in the rule set and to configure all their elements, including the key elements. You can also enable or disable, move, copy, delete, and create rules in this view. When you create a rule set on your own, this can only be done using the complete rules view. This is also the only view that will be available for a rule set of this kind later on. Access log rule set The Access Log rule set is a nested rule set in the Default Log Handler rule set. Advanced Threat Defense rule set The Advanced Threat Defense rule set is a library rule set. It enables Web Gateway to use Advanced Threat Defense for additional scanning of web objects in the anti-malware filtering process. Application Control rule set The Application Control rule set is a library rule set for application filtering. ATD - Offline Scanning with Immediate File Availability rule set The ATD – Offline Scanning with Immediate File Availability rule set is a library rule set for enabling Web Gateway to work with Advanced Threat Defense when filtering web objects. Authorized Override rule set The Authorized Override rule set is a library rule set for imposing a time limit on web usage that can be passed by through the action of authorized user. Blocking Sessions rule set The Blocking Sessions rule set is a library rule set for blocking web sessions after an attempt to access a web object that is not allowed. Bypass ePO Requests rule set The Bypass ePO Requests rule set is a library rule set for allowing requests from a McAfee ePO server to bypass filtering rules on an appliance. Bypass Microsoft (Office 365) Services rule set The Bypass Microsoft (Office 365) Services rule set is the default rule set for letting requests and responses in traffic to and from Office 365 and other Microsoft services bypass filtering on Web Gateway. Cloud Storage Encryption rule set The Cloud Storage Encryption rule set is a library rule set for encrypting and decrypting data that is uploaded to and downloaded from cloud storage services. Cookie authentication with SAML back end and fixed ACS URL — rule set To support SAML authentication using an external Identity Provider, Web Gateway performs the Service Provider role. The rules in this rule set support this SAML scenario. Data Loss Prevention rule set The Data Loss Prevention (DLP) rule set is a library rule set for preventing sensitive content from leaving your network or inappropriate content from entering it. Data Loss Prevention (DLP) with ICAP for Cloud rule set The Data Loss Prevention (DLP) with ICAP for Cloud rule set is a library rule set. It is used for data loss prevention in the cloud. Default error handler rule set The Default error handler rule set is the default rule set for error handling. Enable Opener rule set The Enable Opener rule set is the default rule set for handling file opening on Web Gateway. Gateway Anti-Malware rule set The Gateway Anti-Malware rule set is the default rule set for anti-malware filtering. Gateway Anti-Malware with TIE rule set The Gateway Anti-Malware with TIE rule set is a library rule set for integrating anti-malware flitering on Web Gateway with information retrieved from a TIE server. Global Whitelist rule set The Global Whitelist rule set is the default rule set for global whitelisting. Media Type Filtering rule set The Media Type Filtering rule set is the default rule set for media type filtering. Single Sign On rule set Using the nested rule sets that come with the Single Sign On rule set, you can configure SSO access to cloud services and applications for users in your organization. SSL Scanner rule set The SSL Scanner rule set is the default rule set for SSL scanning. SSO Log rule set The SSO Log rule set is activated when the request is made by an SSO component, including the SSO.Client and SSO.Proxy components. Time Quota rule set The Time Quota rule set is a library rule set for imposing time quotas on web usage. URL Filtering rule set The URL Filtering rule set is the default rule set for URL filtering. Volume Quota rule set The Volume Quota rule set is a library rule set for imposing volume quotas on web usage. Web Cache rule set The Web Cache rule set is a library rule set for web caching.
Rule sets Rule sets contain rules for a handling a particular field of web security. These fields include anti-malware filtering, URL filtering, media type filtering, and others. Availability of rule sets Rule sets are made available for your administration activities as follows: Default rule sets — After the initial setup of Web Gateway, default rule sets are provided for some important fields of web security. You can modify, rename, and delete these rule sets and the rules within them later on and also create new rule sets and rules. Library rule sets — A built-in rule set library is shipped with Web Gateway. You can import rule sets from this library to cover more fields of web security or extend the coverage of the default fields. All default rule sets are also contained in this library. An online rule set library offers even more rule sets, which you can import with relevant documentation after accessing the built-in library. Rule set views When working with a default or library rule set, there are usually two views available: Key elements view — This view allows you to configure key elements of the rules in this rule set. Key elements are those parts of the rules that you will most likely want to work with when configuring your policy for a particular field of web security. They include, for example, lists of web objects or settings for modules. In some cases, you can also enable or disable a rule, but you cannot view any rule completely, nor perform any other activities where a complete rule would be involved, such as deleting or creating a rule. Complete rules view — This view allows you to view all rules in the rule set and to configure all their elements, including the key elements. You can also enable or disable, move, copy, delete, and create rules in this view. When you create a rule set on your own, this can only be done using the complete rules view. This is also the only view that will be available for a rule set of this kind later on. Access log rule set The Access Log rule set is a nested rule set in the Default Log Handler rule set. Advanced Threat Defense rule set The Advanced Threat Defense rule set is a library rule set. It enables Web Gateway to use Advanced Threat Defense for additional scanning of web objects in the anti-malware filtering process. Application Control rule set The Application Control rule set is a library rule set for application filtering. ATD - Offline Scanning with Immediate File Availability rule set The ATD – Offline Scanning with Immediate File Availability rule set is a library rule set for enabling Web Gateway to work with Advanced Threat Defense when filtering web objects. Authorized Override rule set The Authorized Override rule set is a library rule set for imposing a time limit on web usage that can be passed by through the action of authorized user. Blocking Sessions rule set The Blocking Sessions rule set is a library rule set for blocking web sessions after an attempt to access a web object that is not allowed. Bypass ePO Requests rule set The Bypass ePO Requests rule set is a library rule set for allowing requests from a McAfee ePO server to bypass filtering rules on an appliance. Bypass Microsoft (Office 365) Services rule set The Bypass Microsoft (Office 365) Services rule set is the default rule set for letting requests and responses in traffic to and from Office 365 and other Microsoft services bypass filtering on Web Gateway. Cloud Storage Encryption rule set The Cloud Storage Encryption rule set is a library rule set for encrypting and decrypting data that is uploaded to and downloaded from cloud storage services. Cookie authentication with SAML back end and fixed ACS URL — rule set To support SAML authentication using an external Identity Provider, Web Gateway performs the Service Provider role. The rules in this rule set support this SAML scenario. Data Loss Prevention rule set The Data Loss Prevention (DLP) rule set is a library rule set for preventing sensitive content from leaving your network or inappropriate content from entering it. Data Loss Prevention (DLP) with ICAP for Cloud rule set The Data Loss Prevention (DLP) with ICAP for Cloud rule set is a library rule set. It is used for data loss prevention in the cloud. Default error handler rule set The Default error handler rule set is the default rule set for error handling. Enable Opener rule set The Enable Opener rule set is the default rule set for handling file opening on Web Gateway. Gateway Anti-Malware rule set The Gateway Anti-Malware rule set is the default rule set for anti-malware filtering. Gateway Anti-Malware with TIE rule set The Gateway Anti-Malware with TIE rule set is a library rule set for integrating anti-malware flitering on Web Gateway with information retrieved from a TIE server. Global Whitelist rule set The Global Whitelist rule set is the default rule set for global whitelisting. Media Type Filtering rule set The Media Type Filtering rule set is the default rule set for media type filtering. Single Sign On rule set Using the nested rule sets that come with the Single Sign On rule set, you can configure SSO access to cloud services and applications for users in your organization. SSL Scanner rule set The SSL Scanner rule set is the default rule set for SSL scanning. SSO Log rule set The SSO Log rule set is activated when the request is made by an SSO component, including the SSO.Client and SSO.Proxy components. Time Quota rule set The Time Quota rule set is a library rule set for imposing time quotas on web usage. URL Filtering rule set The URL Filtering rule set is the default rule set for URL filtering. Volume Quota rule set The Volume Quota rule set is a library rule set for imposing volume quotas on web usage. Web Cache rule set The Web Cache rule set is a library rule set for web caching.