Conditional Policy Registration and Management

Conditional policies specify the targets (storage, members) and conditions (location, time, device), and connect the EDO execution workflows by trigger to control file events. This page explains the entire flow of registering, modifying, copying, deleting conditional policies, and managing priorities on the admin page, as well as how to set each category during registration.

1. Page Entry

Admin page left menu >Policy > Conditional PolicyClick.

You must be logged in with a SHIELD Drive administrator account.
About Conditional PoliciesWrite PermissionThis is required. If you do not have permission, the "Register Policy" button and the action icons in the list (edit, copy, delete, change priority) will be disabled or not displayed.

2. List Screen

Registered conditional policy isPriority OrderIt is displayed as. You can filter by entering the policy name in the top search field (press Enter or click the search icon), and refreshing will reload the list based on the current search term. The list is loaded with infinite scroll in units of 100 items.

column	Description
Priority	Sequence starting from 1. Reassigned immediately when priority changes.
Policy Name	Policy Name
Description	Policy Description (if not entered __PH_0__)`-`)
Storage	Storage type + quantity (e.g., shared box(3)). If it's a single item, display the storage name.
Members	"All users" or "Assignment: User(N), Group(N), Policy Group(N) \| Exceptions: …"
Usage Status	Use / Do not use
Expiration Date	YYYY-MM-DD ~ YYYY-MM-DD. If all are not set`-`, if only one side is not set, "indefinitely"
Revision Date	YYYY-MM-DD HH:mm

Expiration Date Badge

expiration: If the end date is before the current date. Red warning icon and text.
Expiration Date: If the end date is within 7 days from now. Orange warning icon and text.

3. Action Area

The top action is displayed differently depending on the selection state.

Selection State	Possible Actions
Policy Not Selected	Policy Registration, Total Count, Search, Refresh
Select 1 policy	Close, Move Up·Down, Edit, Copy, Delete
Select more than 2 policies	Close, Multi Delete

If you do not have permission, the action icon will be disabled or not displayed.

4. Policy Registration

top**"Policy Registration"When you click the button, the full-screen registration page opens. The settings categories are displayed in the left sidebar, and you can click each category to set values in the right area. The categories arePolicy Basic Information → Target Storage → Members → Conditions (Location·Time·Device) → Enforcement Policy → Policy Operation Settings**It is composed in order.

Conditions for Activating the Register Button

Policy name · Members · Target storage are all valid.
The execution policy category has been opened once, and the EDO mapping preparation (iframe load) is complete.

Below is the method for setting up by category.

4-1. Policy Basic Information

Policy Name(Required): Within 50 characters. Immediate inputAsynchronous Duplicate CheckIf it is performed and the same name already exists, a duplicate notification will be displayed and it cannot be registered.
Description(Optional): Within 200 characters.

4-2. Target Storage

firstStorage PurposeSelect 1 item as a radio.

Options:Personal Box / Shared Box / Common Box. In companies where MS Teams features are enabled,Teams tabThis will be exposed additionally.
Purpose isYou cannot make changes in edit mode.(Available only during registration)
Changing the purpose will reset the already selected storage list.

When you select a purpose, the list of storages belonging to that purpose will be activated. Click the selection box to open the right drawer, and search for the storage.Multiple selection of more than one itemis done. (The execution policy category will be activated only when one or more storages are selected.)

4-3. Members

Specify the target to which the policy will be applied. Select the allocation method using radio buttons.

All users: Applies to all users.
User and Group Selection: Directly specify the target and exceptions.

In "User and Group Selection" mode,Target ApplicationandExceptions 대상Two areas will be displayed. Clicking the selection box of each area will open the right drawer, andAll / User / Group / Policy GroupYou can search and select by separating with tabs (infinite scroll in units of 100). You must specify at least one target for application.

If the same target is duplicated in allocation and exceptionsExceptions take precedencedoes.
When switching the allocation method (All users ↔ Select users and groups), the exception list will be reset.

4-4. Condition - Location (IP)

Conditions consist of location, time, and device, and they are mutuallyAND combinationIt is applied (the policy is applied only if all the set conditions are met).

Select a mode from the location category.

No location restrictions: IP condition not applied.
Registered Location: Select application location / exception location.

In "Registered Location" mode, select multiple registered location conditions from the drawer of the apply/exclude box. At the top of the drawer**[Additional]**You can immediately register a new location condition with the button.

Register New Location Condition

Enter condition name (required, 50 characters, duplicate check) + description (optional, 200 characters).
Start IP ~ End IP(IPv4 format validation) to enter and**[Additional]**Add an IP range chip with the button. At least one range chip must be added for registration, and the same range cannot be added multiple times.
The registered conditions are shared with other policies in the location condition list and are reused.

4-5. Condition - Time

same as the locationNo time limit / Registered timeOperates in mode and allows for multiple selections of application time / exception time.

Register New Time Condition

Enter condition name and description.
Start time:minute ~ End time:minute(select all (hour 00–23, minute 00–59) and)**[Additional]**Add a timezone chip with the button. At least one chip is required, and the same timezone cannot be added multiple times.

4-6. Condition - Device

No device restrictions: Device condition not applied.
Select Device Type: PC / Tablet / MobileClick the card to select multiple. In "Select Device Type" mode, you must select at least one.

4-7. Execution Policy (EDO Execution Workflow)

Some areas of operation for conditional policies are not handled by SHIELD Drive itself andEDO (Enforcement & Detection Orchestrator) WorkflowDelegated to. The EDO workflow defines the flow of trigger (file event) → step (validation·transformation) → result (allow·block) and automates subsequent processing such as CDR, transformation, and additional validation.

Entry Premise

**Select one or more target storages.**The category must be activated.
The EDO service must be operating normally. (In case of failure, a message indicating iframe load failure may be displayed.)

Mapping Configuration Flow

When you click on the category, the EDO execution workflow settings screen opens on the right. Select the EDO workflow template to apply for each screen trigger.

Trigger Types (By Storage Purpose)

The mappable triggers vary depending on the selected storage purpose.

Storage Purpose	mappable trigger
personal space	`shieldrive_file_upload_before`(File Upload)`shieldrive_file_download`(File Download),`shieldrive_file_transfer_hunesion`(Interconnected Transmission)
Shared Box / Common Box / Teams Box	`shieldrive_file_download`(File Download) - Exclude Interconnection Transfer Trigger

Network linkage (HuneSion) transmission occurs only in the personal mailbox, so the network linkage transmission trigger is excluded from the mapping candidates for purposes outside the personal mailbox.

The detailed specifications for actions that can be mapped by trigger (allow / block / CDR / transform, etc.) and the input and output fields of triggers and actions areEDO Execution Workflow Management GuidePlease refer to.

4-8. Policy Operation Settings

Policy Activation Toggle: Use / Do not use. In the off state, the policy is not applied.
Expiration Date: Specify the start date and end date using the DatePicker or set the end date to "indefinite". (For details, refer to number 10 below)

5. Policy Modification

Select one policy from the list → Action bar**"Correction"**Click. An edit page with existing values will open. You can change the policy text or EDO mapping, and the changes to the EDO mapping will be saved after the policy text is saved first. The "Modify" button will be activated if either the policy text or EDO mapping needs to be changed.

The storage purpose cannot be changed in edit mode.

6. Policy Copy

Select one policy from the list → Action bar**"Copy"Click. The registration page opens, and the basic information of the copy and EDO mapping are pre-filled. After modifying only the necessary values, click "Register" to create a new policy. The copy is alwaysInactive state at the bottom of the list**is created.

7. Delete Policy

Select one or more policies from the list → Action Bar**"Delete"**Click → Select "Delete" in the confirmation modal. When deleting multiple items, they are processed in parallel for each item. If some or all fail, a failure notification modal will be displayed, and you can re-execute only the failed items with "Retry".

When a policy is deleted, the associated EDO mappings are also cleaned up. If there are any items that failed to clean up the mappings, they will be included in the deletion failure notification.

8. Change Priority

You can change it in one of two ways.

A. Action Bar "Move Up / Down" Button

After selecting one policy and clicking the button, it will move one step. The button will be disabled in the following cases.

Access Denied
0 selections or 2 or more selections
First item "up" / Last item "down"
Processing previous change request

B. Drag and Drop

Drag the list item with the mouse and drop it in the desired position. The priority number is updated immediately while dragging. Dragging is not enabled if you do not have Write permission or if a previous change request is being processed.

Common Actions

Both methods reflect changes on the screen immediately. During the processing of change requests, the next priority change is temporarily blocked. If the change fails, the row order and priority number are automatically restored to the state just before the change, and a notification saying "Failed to change conditional policy priority." is displayed.

9. Policy Details

When a policy is selected from the list, clicking the same row again will open the detailed drawer on the right. You can check the policy basic information, target, conditions, execution policy, policy operation settings, and modification date at a glance. In the execution policy area, you can see the display name label of the mapped EDO trigger.

If you click while holding down Ctrl or Shift, it will be treated as a multi-selection, and the drawer will not open.

10. Policy Status and Validity Period

Set it in the last category (Policy Operation Settings) of the policy registration and modification page.

Policy Activation Toggle: Sets the policy to use / not use. In the not use state, the policy is not applied.
Expiration Date: You can select the start date and end date using DatePicker, and the end date can be designated as "indefinite".

When the validity period expires, the policy is automatically marked as disabled and is not applied. In inactive or expired status, a notification message is displayed at the bottom of the screen.

11. Error Notification

situation	Notification
Policy registration failed	"Policy Registration Failed" modal. Displayed with an error code. Can be re-requested with "Retry".
Policy modification failed	"Policy Modification Failed" Modal. Same Action
Failed to save EDO mapping	Mapping Retry Modal. Only re-request mapping save with "Retry"
Policy deletion part failure	"Failed to delete some policies." Notification. Only failed items can be retried.
Policy deletion failed completely	"Failed to delete the policy." Notification. Retry possible
Priority change failed	"Failed to change the priority of the conditional policy." Notification. The row order is automatically restored to the state just before the change.

1. Page Entry​

2. List Screen​

3. Action Area​

4. Policy Registration​

4-1. Policy Basic Information​

4-2. Target Storage​

4-3. Members​

4-4. Condition - Location (IP)​

4-5. Condition - Time​

4-6. Condition - Device​

4-7. Execution Policy (EDO Execution Workflow)​

4-8. Policy Operation Settings​

5. Policy Modification​

6. Policy Copy​

7. Delete Policy​

8. Change Priority​

9. Policy Details​

10. Policy Status and Validity Period​

11. Error Notification​