Manage Enforcement of Policy Rule Recommendations Using SaaS Inline Policy Recommendation Snippet

When a SaaS Security administrator authors and submits SaaS policy rule recommendations, the Web Security or Data Security administrator imports those new rule recommendations and updates or removes those same rule recommendations as the SaaS Security administrator makes changes to them. Before you begin, review the SaaS Security access privileges for your Web Security or Data Security administrator to ensure they can successfully manage enforcement of rule recommendations. You can also troubleshoot issues after implementing new policy rules or modifying existing ones.

SaaS policy rule recommendations are based on a combination of apps, users and groups, categories, activities, device posture, and data profiles. The import process automatically creates the necessary objects, including an Application Group for the apps in the SaaS policy rule recommendation. The name of the Application Group is derived from the Rule Name that the SaaS Security administrator assigned to the SaaS policy rule recommendation.

Use snippets to standardize a common base configuration for a set of NGFW, and Prisma Access tenants. This allows you to quickly onboard new devices with a known good configuration and reduces the time required to onboard a new device. Additionally, this also allows you to quickly apply the same SaaS app security enforcement to multiple NGFW, and Prisma Access tenants. Use the predefined SAAS-Inline-Pol-Recommendations snippet to simplify management of your SaaS Security Inline Policy Recommendations.