To block unmanaged devices from performing activities in sanctioned apps that are not allowed, you have to create a real time protection policy with specific constraints. Perform the following steps to achieve granular restrictions on unmanaged devices:
- Navigate to Policies > Real-time protection > New Policy.
- Select Threat Protection.
- In Source section, add criteria as Access method = Reverse Proxy.
- Select category as Cloudapp.
- Select ‘Edit’ to include actions that should be a criterion in the policy.
- Select appropriate threat profiles and action.
- Set the action as Block for appropriate.
- Create the policy.
Real-time Protection Policy details:
