Once you've verified that all Active Directory (AD) components integrated successfully, define and apply security and acceptable use policies to AD Groups.
- Navigate to Policies > Policy List and click the (Add) icon or click the name of an existing policy.
- Check the AD Groups checkbox if you want to apply a single policy for all AD users and/or computers, or check the box next to one or more specific groups via the identity picker. To remove a selected group, either uncheck its box via the identity picker or click the red X icon to the right of its name.
Note: Clicking a group shows its members including nested groups, user accounts or computer accounts. Selecting the group will apply the policy to all its members. You can select only a nested group, but not an individual user or computer account. As a best practice, centrally manage your group memberships via Active Directory. Any changes will be synced with Umbrella within a few hours.
- Click Next.
- Select the Policy Settings, including the security settings, category settings, and destination lists for your identity and click Next.
- Select Block Page Settings you would like enforced for this policy and then click Next.
Note: If you have not yet created non-default settings, go to the 'Policy Settings' or 'Block Page Settings' pages to do so.
- Set a meaningful description for the policy and click Save.
Note: The policy you created will be applied within 60-90 seconds to any new connections coming into Umbrella through the VAs.
- Click and hold the (drag handle) icon to re-order the policy above or below any other existing policies.
Note: Policy execution follows a top-down, first-match order of operations. The first policy assigned to an identity is enforced. Any subsequent policies assigned to the same identity are ignored. There is an editable, but immutable, the Default Policy (always ordered last), which is a catchall for any identity. For more information, refer to our Policy Guide linked here.