Configure application visibility and control

Complete this procedure to configure application visibility and control (AVC). AVC allows you to control access to web applications. In this procedure, you’ll define different components. The specific settings you define in the policy are prioritized over more general settings. For more information, see Application visibility and control.
Note: AVC is currently in beta. To participate in the beta, contact your Akamai representative.

How to

  1. In the navigation menu, select Configuration > Policies.
    Note: If you are trying the new Enterprise Center interface, in the navigation menu, select Policies > Policies.
  2. Click the name of the policy that you want to edit.
  3. Go to the Settings tab.
  4. To use ETP Proxy with AVC, enable the proxy toggle. While the proxy is not required for configuring application visibility and control, you cannot configure category operations without enabling it.
  5. If you enabled the proxy, make sure inline payload analysis is also enabled.
  6. If you want to configure user and group exceptions to any blocked content in an AVC policy, complete these steps:
    1. Make sure Required or Optional is selected as an Authentication Mode. For more information, see Authentication policy.
    2. In the identity provider menu, select an identity provider if one is not selected.
  7. Click the Access Control tab.
  8. Click the AUP & Shadow IT subtab.
  9. Expand the Default area and select a default action. The action that’s selected determines default policy behavior as well as the type of proxy that’s enabled.
    • To bypass ETP Proxy, select the Bypass action. This action enables the selective proxy. Only risky traffic is forwarded to ETP Proxy for analysis.
    • To classify traffic, select the Classify action. This action directs all traffic to the full web proxy. This action is available to organizations that are licensed for ETP Advanced Threat.
    • To block traffic, select the Block - Error Page action. This action directs traffic to an error page.
  10. Expand the Risk area and select a policy action for any of the risk levels that you want to define in the policy. As a best practice, select the block action for the critical risk level. If you select a block action, complete these steps to assign a user or group exception:
    1. Click the link icon in the exceptions column. A window appears.
    2. In the Groups tab, select the groups that you want to exempt from the block action.
    3. In the Users tab, search for the users and select the users that you want to exempt from the block action. If the user you searched for is not in the search results, you can click the add icon to add the user to the selected list.
    4. Click Associate.
  11. Expand the Category area and consider the policy actions that you want to apply to a category or categories. For example, you may choose to block Gambling websites. Complete these steps:
    1. Click the link icon and select the categories that you want to associate with the policy. Click Associate.
      Note: You can select a policy action as you associate a selected category or after you associate a category.
    2. Select an action for each category.
    3. If you select a block action, complete steps 10a to 10d to assign a user or group exception.
  12. Expand the Category Operations area and consider the policy actions that you want to apply to an operation or operations. For example, you can search for all upload operations, select these operations for your policy, and select to block them across all categories. Complete these steps:
    1. Click the link icon and select the category operations that you want to associate to the policy. Click Associate.
      Note: You can select a policy action as you associate a category operation or after you associate a category operation.
    2. Select an action for each category operation.
    3. If you select a block action, complete steps 10a to 10d to assign a user or group exception.
  13. Expand the Applications area and consider the policy actions that you want to apply to an application or applications. If there is an operation supported for a selected application, you can also select a policy action for the application operation. Complete these steps:
    1. Click the link icon and select applications that you want to associate to the policy. Click Associate.
    2. Select an action for each application. If there are operations listed for an application, expand the application to view the operations. Select the policy action for the operations.
    3. If you select a block action, complete steps 10a to 10d to assign a user or group exception.
  14. Click Save.

Next steps

Deploy configuration changes