You create an
application filter to enforce the same
data exfiltration controls for
Sanctioned
applications.
In this case, you must tag all the child App-IDs of the
claude
App-ID container to apply the
policy rule action for all
sub-processes of the
Sanctioned
claude
GenAI app.