What To Do? determines the outcome of content rules. They are the action(s) to take when a web content or traffic meets the specified set of conditions, thus, the content rule is triggered. In other words, what action(s) to take when your content security policy is violated.
What To Do? consists of two types of actions: a principal action called Primary Action, followed by an additional action called What Else To Do?.
Primary Action
Each content rule operates with a principal What To Do? action called Primary Action. Primary Action defines how detected web traffic is handled.
For example, in a Detect virus content rule, this action might be to Block the communication or Continue to the next rule.
|
Primary Action is used in two areas in Secure Web Gateway:
Ensure that you are aware of the differences between them. |
What Else To Do? actions
In addition to the principal
The following actions are available:
-
Generate an Inform
The Generate an Inform action sends a notification email to specified recipients to inform them of the actions taken during
-
Using Informs with an IG Server
If you are using an IG Server, you can also copy the inform to document owners so that document owners who have registered documents on the IG Server can be notified of policy violations. For more information, refer to Using Informs with an IG Server.