The IWSVA Virus, Applets and ActiveX Security, Application Control, Bandwidth Control, Data Loss Prevention, HTTP Inspection, Access Quota, URL-Filtering, and HTTPS decryption policies work by applying a set of rules to an account. Together they are called a policy.

A global policy is one that, by default, applies to all users of the LAN. Global policies are available for Advanced Threat Protection, Application Control, Bandwidth Control, Data Loss Prevention, HTTP Inspection, Applets and ActiveX Security, and URL Filtering, and HTTPS decryption.

For granular configuration, you can configure an exception list for each policy. In addition, you can specify that IWSVA bypass virus scans and compressed file handling actions for the exception list.

When a new policy is added to the client, administrators might find that the policy is not functioning correctly. You might also like to determine which policy is currently functioning on the client server. The policy query feature is designed to help you discover how many policies are currently functioning on a client.

Using the policy queries is as simple as entering a client’s IP address or a username in the search box and clicking the Search icon.

After clicking the Search icon IWSVA provides the query result grouped by the policy type and sorted by the order. This feature is best suited for administrators who need an overview or summary of the policies used in IWSVA, and a list of those policies that can be found in the violation logs.

Every policy has a "notes" field, and administrators can use the field to store detailed information about the policy.

When evaluating a URL, Web site or application, the internal IWSVA policy manager identifies which users are affected by the policy. If more than one policy applies, and if a user falls under more than one matching policy, IWSVA will apply the policy with the highest priority.

For example, say you have a quota of 25MB per day for all users in the organization. You create a policy to include the entire company. However, you know that certain members of the Marketing department need to be able to send and receive (FTP over HTTP) very large graphic files. You can accommodate both sets of needs by creating a 100MB per day policy for marketing and assigning it a higher priority (for example 1) than the 25MB per day policy.

If you have set up multiple instances of IWSVA to work together, and share the same IWSVA database, the policy list and priorities of all instances will be the same after you deploy the new policy or changes.

See also: