Using Cloud App Security with Google Cloud Directory Sync

If your organization uses Google Cloud Directory Sync (GCDS), you will need to perform additional configuration of your Exclusion Rules to work properly with SonicWall Cloud App Security.

You need to complete this configuration change before authorizing SonicWall for Gmail. Otherwise, the Google Groups will be deleted when Cloud App Security synchronizes with the Google Cloud after authorization.

Cloud App Security automatically creates and manages four Google Groups when you complete the authorization of the Gmail cloud application.

GCDS deletes the SonicWall groups when Cloud App Security synchronizes with the Google Cloud. By configuring the Exclusions Rules, the groups will not be deleted during synchronization.

To configure the Exclusion Rules for Cloud App Security

1. Log into your Google Cloud management account.
2. Navigate to Google Domain Configuration.
3. Click on Exclusion Rules.
4. Click Add Exclusion Rule.
5. Create four new Exclusion Rules. Each new rule should contain the specified values for these fields:
   • Type: Group Email Address
   • Match Type: Exact Match
6. Assign one of these email addresses to each new Exclusion Rule:
   • sonicwall_inline_policy@yourdomain.com
   • sonicwall_inline_rule@yourdomain.com
   • sonicwall_monitor_policy@yourdomain.com
   • sonicwall_monitor_rule@yourdomain.com
7. Click OK.
8. Click Sync.

You can now authorize Gmail for SonicWall without the Google Groups getting deleted.