Conditional Policy for URL Input Field
The conditional policy for the URL input field is a feature that allows for detailed management of access permissions and isolation security policies for the created URL input field. Access can be controlled based on conditions such as members, location, and time, and various security policies can be applied.
Table of Contents
- Basic
- Basic Screen Layout
- Policy Search
- Policy Application Status Inquiry
- Get Policy
- Policy Settings
- Add Policy
- Policy Basic Information - Policy Name, Members, Target
- Condition - Location, Time
- Execution Policy - Access Policy, Additional Authentication
- Isolation Security Policy - Keyboard, Files, Clipboard, Sessions, Context Menus, etc.
- Policy Configuration Management
- Policy Application Priority
- Download Policy Status
- Management of Default Execution Policies
Basic Screen Layout�
The conditional policy screen is composed as follows:
- Conditional Policy Tab: A tab where you can apply conditional policies to apps created from the home.
- Priority: Display policy priorities (the smaller the number, the higher the priority)
- Add Policy: Top left**[➕ Add Policy]**Create a new policy with a button
- Search: Policy name, members, target URL/category, usage status, and various other conditions can be searched.
- Policy Application Status Inquiry: Policy list top button bar of**[Policy Application Status Inquiry]**View application history by policy and non-applied policies with the button
Policy Search
You can search for policies based on various criteria, including the policy name, members, target URL·category, conditions, enforcement policies, and usage status.
| Filter | Search Method | Description |
|---|---|---|
| Policy Name | Inclusive Search | Search for policy names that include keywords |
| Members | Inclusive Search + Dropdown Selection | User (Name·Email), Group, Department Search, Assignment/Exception Classification Selection, Multiple Selection Available |
| Target - URL | Inclusive Search + Dropdown Selection | Search by registered URL name and address, all URL fixed values can be selected, multiple selections are possible. |
| Target - Category | Dropdown selection | Search by registered web category name |
| Usage | Dropdown selection | Use / Not Use Selection |
| Condition | Inclusive Search + Dropdown Selection | Search by location (IP), time, and device conditions, multiple selections possible |
| Execution Policy | Dropdown selection | Access Allow/Deny, Isolation Security Policy (Allow All/Restricted Use), Additional Authentication Method Selection, Multiple Selections Possible |
Target Search Details
URL Search: Enter the name or address of the registered URL, and a list will be displayed below with a partial match search. All URLs are pinned at the bottom of the dropdown and will only be included in the search results if selected directly. If you search for a specific URL, only the policies directly set for that URL will be searched, and all URL policies will not be included.
Category Search: Select a web category from the dropdown. Individual URLs belonging to the category are excluded from the search results.
Member Search Details
When you enter a name or email in the search box, results are displayed in real-time in a dropdown. You can select the Assignments / Exceptions tab to distinguish between cases that are assigned to a policy and those that have been handled as exceptions. All members are fixed at the bottom of the dropdown and will only be included in the search results if selected directly.
Detailed Condition Search
- Location: Search by entering an unrestricted location name or a registered location name. The results will be displayed in the format of location name | IP range.
- Time: Search by entering an unlimited time or a registered time name. The results are displayed in the format of time name | time range.
- Device: Choose from all devices, Desktop, Tablet, Mobile.
Detailed Search of Execution Policies
- Access Policy: Select Allow Access / Block Access
- Isolation Security Policy: Allow All / Select Limited Use
- Additional authentication methods: None / Email verification / OTP verification (applies only to access permission policies)
Search Condition Combination Rules
- Between filters (AND condition): If you set multiple different filters, only the policies that satisfy all conditions simultaneously will be displayed.
- Within Filter (OR Condition): If multiple items are selected within the same filter, any policy that matches at least one will be displayed.
Each set condition is displayed in tag form, and individual conditions can be removed using the × button on the tag.
⚠️ Priority changes are not possible when search filters are applied. To change the priority, please clear all search filters.
Policy Application Status Inquiry
Top of the policy list**[Policy Application Status Inquiry]**Clicking the button opens a modal where you can view the application history of conditional policies and the policies that were not applied by period.
Modal Configuration
| area | Content |
|---|---|
| Query Period | Select Calendar from [Start Date] to [End Date] |
| tab | Applied Policies / Unapplied Policies |
| Download | Download Excel of the search results using the button in the upper right [↓] |
Applied Policies Tab
Displays the list of policies that were actually applied (heated) to users during the specified period.
| column | Description |
|---|---|
| Priority | Current priority number of the policy |
| Policy Name | Policy Name (click to go to the edit details screen) |
| Description | Policy Description |
| Policy Usage Status | Currently in use / Not in use status |
| Application Frequency ↑↓ | Number of times the policy was applied during the inquiry period (thousand unit comma display, sortable) |
| Recent application date ↑↓ | Most Recent Date Policy Applied Within the Query Period (Sortable) |
💡 When sorting the application frequency in ascending order, you can quickly identify policies with low usage at the top.
Unapplied Policy Tab
Displays a list of policies that have not been applied (heated) even once during the specified period.
💡 By regularly checking for unapplied policies and organizing unnecessary ones, you can reduce the complexity of policy management and optimize the security environment.
Get Policy
You can import a backup of the conditional policy from a JSON file (single policy) or a ZIP file (multiple policies) to register it.
- Download: Check the item checkbox > Click the [Download Policy] button in the top button bar
- When selecting 1: Download JSON file
- When selecting 2 or more: Download as a ZIP file.
- importClick the [Import Policy] button to select and register the backed-up JSON file or ZIP file.
➕ Add Policy
Clicking **[➕ Add Policy]** will take you to the new conditional policy page, where you can set the following items:
- Basic Policy Information
- Condition
- Execution Policy
- Settings
📌 Basic Policy Information
Policy Name
- Name (required): Up to 20 characters allowed
- Description (optional): Up to 200 characters can be entered.
Members
Set users or groups to include or exclude in this conditional policy.
- Allocation
- All users: Apply policy to all users
- Select user or group: Search for and select a specific user or group.
- Exclusion
- Specify users or groups to exclude from the policy
- Excluded members are not subject to the policy regardless of assignment status.
- The 'All Users' option cannot be used in exclusions.
Target
Select which targets to apply this conditional policy to.
All sites accessed through the address bar
Applies policies to all websites accessed through the URL input field. Used for setting default policies such as block all or allow all.
Usage Example:
- Create a Site-Wide Blocking Policy (Set to Low Priority)
- Specific sites allowed are created with separate policies (set with high priority)
Registered Sites/Groups(Displayed only when selecting the target directly)
Select individual sites or groups registered in the URL list. This is used when you want to apply policies to specific sites only.
How to set up: Click 'Select the sites registered in the address bar' → Select the desired site/group
Web Category(Displayed only when selecting the target directly)
Policies are applied on a category basis. This is efficient when applying uniform policies to sites of the same nature.
How to set up: Click 'Select a web category' → Choose the desired category (e.g., Games, Entertainment, Business, Academic Information, etc.)
Characteristics of Web Categories
Policies will be automatically applied to all sites belonging to the category without having to register individual URLs one by one. After that, the administratorBusiness System > CategoryIf you change the category of a specific domain in the menu, it will be immediately reflected in the conditional policies targeting that category.
| Division | Registered Sites/Groups | Web Category |
|---|---|---|
| Scope of Application | Only registered URLs apply | Automatically Apply to All Categories |
| When adding a new site | Need to add directly to the policy | Automatically applied once category classification is done |
| Appropriate Cases | Individual Control of Specific Sites | Batch Control of Sites with the Same Characteristics |
Example of Policy Configuration Strategy
Scenario 1: Basic Blocking + Selective Allowance
- Policy A (Priority: 2): Target - All sites accessed via the address bar / Enforcement Policy - Access Blocked
- Policy B (Priority: 1): Target - Web Category Business, Academic Information / Enforcement Policy - Allow Access
Scenario 2: Differential Control by Category
- Game/Entertainment Blocking Policy: Target - Web Category Games, Entertainment / Conditions - Working Hours / Enforcement Policy - Access Blocked
- Security Threat Continuous Blocking Policy: Target - Web Category Malware Distribution Sites, Phishing Sites / Enforcement Policy - Access Block
- Work Site Allowance Policy: Target - Web Category Business, Cloud / Execution Policy - Access Allowed
Condition
Set conditions such as location and time to be used for policy judgment. Based on the assigned conditions, determine the user's access environment and decide whether to apply the policy.
Location Conditions
- All Locations(default): Apply policy at all locations without specific location conditions
- Select Registered Location: Select from the locations registered in the Security365 Management Center's condition items.
- [+Register Location]: Click to add a new location condition
- Exception Selection: Use to exclude a specific location among the selected locations.
Time Condition
- All Time(default): Always apply policy without specific time limits
- Registered Time Selection: Select from the registered time in the conditions section of the Security365 Management Center.
- [+Register Time]: Click to add a new time condition
- Exception Selection: Use to exclude a specific time zone from the selected time.
The location and time conditions can be registered/deleted/edited in the [Condition Items] menu of the Security365 Management Center.
Execution Policy
Access Policy
This sets the access permissions when a member of the subject to this conditional policy attempts to connect.
- Access Denied: Completely block URL access under the specified conditions
- Access Permission: Allows URL access and enables the configuration of additional authentication methods.
Additional authentication methods(Only configurable when access is allowed)
- Not in use: Accessing the target without additional authentication
- Email Verification: The authentication code input window appears, and the authentication process begins (time limit: 5 minutes)
- OTP Authentication: Guidance on QR code and recovery key during initial registration, proceed with authentication by entering the authentication code after registration.
⚠️ If authentication fails, display a notification popup saying "Authentication has failed." Access to the target is not possible.
Isolation Security Policy
Set policies to control user behavior when accessing the URL. For all behavior control items, you can choose whether to allow or block them.
| Item | Description |
|---|---|
| Keyboard Input | When blocked: "Key input is prohibited by policy." notification is displayed at the bottom center. |
| Site Navigation | Access to domains other than the one accessed is not allowed when blocked. When trying to access a blocked site, you will be redirected to a page stating "This action is prohibited by policy." |
| File Upload | Allowed file extension restrictions and selection of storage (My PC file folder / SHIELDGate file folder) |
| File Download | When blocked, navigate to the "This action is prohibited by policy." guidance page. When allowed, extension restrictions and repository selection are possible. |
| Clipboard Access | Individual control of copy/paste directions between the isolated browser and user PC |
| Session Persistence | You can set idle time when activated. The screen will be locked after the idle time has elapsed. |
| Screen Marking | Display a watermark containing the username and email information on the screen when activated. |
| Print Watermark | Display a watermark containing the username and email information on the print screen when activated. |
| Video Conference Mode | Optimization of video conferencing performance when activated. Unable to use the SHIELDGate shortcut feature. |
| Context Menu | Individually control menu items displayed on right-click of the mouse based on the target. |
File Download Repository Details
- My PC File Folder: Downloading files to the user's local PC
- SHIELDGate File Box: Saving files to SHIELDrive storage (storage can be specified)
- SHIELDViewer: Preview the file using SHIELDViewer when downloading the file.
- PDF Download: Allow/Block conversion of the original to PDF (Default: Allow)
- Download Original: Allow/Block Download of Original Document (Default: Block)
- CDR Download: Allow/Block Download After Decontamination Processing Through CDR (Default: Block)
⚠️ When using the SHIELDGate file cabinet (SHIELDrive storage), the corresponding member must be assigned to the SHIELDrive storage.
Context Menu Detailed Settings
Individually control the ON/OFF state of menu items to be displayed for each clickable target area.
| area | Description |
|---|---|
| Page Background Area | Context menu displayed when right-clicking on empty space |
| Text Selection Area | Context menu displayed after right-clicking after dragging text |
| link | Context menu displayed when right-clicking on a link |
| image | Context menu displayed when right-clicking on an image |
| Video | Context menu displayed when right-clicking on the video |
| Audio | Context menu displayed when right-clicking on audio |
| Input Field | Context menu displayed when right-clicking in the text input field |
⚠️ Shortcut Integration: If you set a menu item to OFF, the associated keyboard shortcuts will also be blocked. (e.g., Printing item OFF → Ctrl+P blocked)
Policy Configuration
You can set the usage and validity period of this conditional policy.
- use: Policy is activated and works immediately
- Not in use: The policy is disabled and does not operate.
- Expiration Date: When checked, the calendar is activated to select the start date and end date to set the duration. If not set, it will operate indefinitely.
💡 Policy Application Priority
When multiple policies conflict, the policy with a higher priority (a smaller number) will be applied. You can adjust the priority by dragging and dropping in the policy list.
Priority Quick Move
After selecting a policy, you can quickly change the priority using the following methods.
- Move to top / Move to bottom: Move immediately to the top or bottom
- Priority Move Dropdown: Select the desired number to move directly to a specific location
⚠️ Priority changes are not possible when search filters are applied. Please clear all filters before proceeding.
Download Policy Status
You can download the list of conditional policies as an Excel (.xlsx) file. This is provided separately from the existing JSON backup feature.
- Download All: Save all registered policy information as an Excel file
- Download Search Results: Save only the results with the current search filter applied as an Excel file
💡 JSON download is for policy backup and restoration, while Excel download is used for status analysis and reporting purposes.
Management of Default Execution Policies
This is a feature that allows you to pre-set and manage default values that are automatically filled in the execution policy and isolation security policy items when registering a new conditional policy. It reduces repetitive manual settings and prevents missing or incorrect inputs.
Right side of the top button bar in the policy list**[Management of Default Values for Execution Policy]**Click the button.
※ The URL input field and the app's default values are managed independently. Changing the default value in one menu does not affect other menus.
Default Value Setting Range
| Item | Whether to apply default values |
|---|---|
| Policy Name / Description | ❌ |
| Members / Target | ❌ |
| Conditions (Location·Time) | ❌ |
| Execution Policy (Access Policy · Additional Authentication) | ✅ |
| Isolation Security Policy (Keyboard, File, Clipboard, Session, Context Menu, etc.) | ✅ |
| Settings (Usage Status · Validity Period) | ❌ |
Apply Default Values in Bulk to Selected Policies
After selecting the policy with checkboxes from the list, use the top button bar.**[Applying Default Execution Policy]**By clicking the button, you can overwrite the execution policy and isolation security policy items of the selected policy with the current default values in bulk.
⚠️ Applying the default values will be saved immediately. The policy name, description, members, targets, conditions, and settings will not be changed.