In a policy, you can define these access control features:
- Acceptable use policy (AUP). Allows or blocks websites based on categories. For more information, see Acceptable use policy.
- Data loss prevention (DLP). Allows your organization to identify and block sensitive or confidential data that's uploaded to websites on the Internet. DLP scans data that’s posted over an HTTP or HTTPS connection. For more information, see Data loss prevention.
- Application visibility and control (AVC). Allows your organization to control access to web applications. You can assign a policy action to define default policy behavior, categories, category operations, applications, and any application operations. These actions are performed on the policy's Access Control > AUP & Shadow IT tab. For more information, see Application visibility and control.
- Access by File Type. Allows you to block or monitor the download of specific file types. For more information, see Access by file type.