Cisco Cisco Web Security Appliance S670 User Guide

You can create Data Security and External DLP Policy groups based on combinations of several criteria, 
such as one or more Identification Profiles or the URL category of the destination site. You must define 
at least one criterion for policy group membership. When you define multiple criteria, the upload request 
must meet all criteria to match the policy group. However, the upload request needs to match only one 
of the configured Identification Profiles.

Choose Web Security Manager > Cisco Data Security (for Defining Data Security Policy group 
membership) or Web Security Manager > External Data Loss Prevention (for Defining External DLP 
Policy group membership).

Click Add Policy.

In the Policy Name field, enter a name for the policy group, and in the Description field (optional) add 
a description.

Each policy group name must be unique and only contain alphanumeric characters or the 
space character. 

In the Insert Above Policy field, choose where in the policies table to place the policy group.

When configuring multiple policy groups you must specify a logical order for each group. Order your 
policy groups to ensure that correct matching occurs.

In the Identities and Users section, choose one or more Identification Profile groups to apply to this 
policy group. 

(Optional) Expand the Advanced section to define additional membership requirements.