Add a Block list to a policy
If you plan to assign users and groups that can access blocked websites in a custom list, make sure you complete these configuration steps in the policy settings.
Before you begin
- Enable ETP Proxy.
- Select Require or Optional as an Authentication Mode.
- Associate an identity provider to the policy.
For more information, see Require authentication to access a website or web application.
To associate a list with a policy, you add the list to the policy. You must be an ETP administrator to perform this task. If you are a delegated administrator or a tenant administrator, you can modify the policy you created or the policies that you are allowed to access.
- In the Enterprise Center navigation menu, select .
- If you are modifying an existing policy, click the name of the policy that you want to edit.
- Click the Custom Lists tab.
Click the Block
Lists tab and do the following:
- Click the chain icon () to the right of the block list type you want to add to the policy.
In the window that displays, select one or more lists and click
Note: All Block lists added to a policy are assigned the Monitor action by default.
To change a list's Action value to Block, expand the rows on
the Block Lists tab until you see the specific Block
list. Then change the value in the Action field.
The image below shows where you would change the Action value:Note: Changing the value to Block displays additional fields and allows you to change the default values.
If you assigned the block action to a custom list and you want to configure
specific users and groups that can access known or suspected threats in a list,
complete these steps:
- In the Exceptions column for a list, click the link icon.
- In the Groups tab, select a group or groups.
- In the Users tab, search for the users and select a user or multiple users. If the user you searched for is not in the search results, you can click the add icon to add the user to the selected list.
- Click Associate.
- Click Save.
After you edit a policy, you must deploy the configuration changes to the ETP network. For instructions see Deploy configuration changes.