Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Create an Application Instance

For CASB, to differentiate between corporate and non-corporate SaaS application instances, administrators need to configure access policies using the instance parameter. To identify an instance, CASB requires instance ID, domain, and/or type. And, to monitor logs, tagging that are mapped with instances is used.

Use the Create Application Instance Page to configure application instances.

To create a new application instance:

  1. Select Secure Edge > Security Subscriptions > CASB > Application Instances.

    The Application Instances page opens.

  2. Click + to create an application instance.

    The Create Application Instance page.

  3. Complete the configuration according to the guidelines provided in Table 1.
  4. Click OK.

    An application instance is created, which you can associate with a CASB profile.

Table 1: Creating Application Instance Settings

Setting

Guideline

Name

Enter a new application instance name. For example, dropbox123.

The instance name must begin with an alphanumeric character. Spaces and special characters except for - : . are not allowed. The maximum length is 63 characters.

Application instance ID

A unique URL to access SaaS service. Instance ID comes in packet data of all SaaS application activities, such as, upload, download, and share. You use this Instance ID to apply in the Security policies.

Enter an application instance ID.

Each application can have its own instance ID. For the following example URLs, we are using the common string acmecorp7 as the instance ID within the application's SaaS URLs:

  • Box URL—acmecorp07.app.box.com

  • Microsoft OneDrive URL—acmecorp07ms-my.sharepoint.com

  • Salesforce URLs:

    • acmecorp7.my.salesforce.com

    • acmecorp7.lightning.force.com

Note:

For Dropbox and Google Docs, URLs are dropbox.com and docs.google.com respectively. As these are generic URLs, instance ID is not applicable.

Domain

An email domain. During login activity, you get an email domain in packets, and it is part of instance.

Enter the domain address.

For example, acmecorp07.com is an organization domain. Then Box, Dropbox, Google Docs, Salesforce, and Microsoft OneDrive uses the same domain for all the users.

Type

Select a value from the list to map a type with an application instance:

  • Unclassified

  • Work

  • Personal

Note:

You must configure the type of value for Dropbox. For other applications, this configuration is optional.

Tag

Select a value from the list to map a tagging with an application instance:

  • Untagged—Default value for the application instances that you have not tagged.

  • Sanctioned—Application instances sanctioned by your organization.

  • Unsanctioned—Application instances unsanctioned by your organization.