After you Enable
User-ID, you will be able to configure Security
Policy that applies to specific users and groups. User-based
policy controls can also include application information (including
which category and subcategory it belongs in, its underlying technology,
or what the application characteristics are). You can define policy
rules to safely enable applications based on users or groups of
users, in either outbound or inbound directions.
Examples of user-based policies include:
Enable only the IT department to use tools such as SSH,
telnet, and FTP on standard ports.
Allow the Help Desk Services group to use Slack.
Allow all users to read Facebook, but block the use of Facebook
apps, and restrict posting to employees in marketing.