This can be accomplished using the "Web Mapping" methodology outlined here: https://community.mcafee.com/docs/DOC-2210
You can create policy "containers" or rulesets which apply to a particular group or whatever you want (the article talks about groups, but you could pick anything.
I noticed you commented on the article, I attempted to clarify the advantage of using the method outlined in the article.
Thanks for the information and I completely understand what you are doing here. But doing it the way that you have described seems to add a step. It appears that it would be possible to allow the users to authenticate to the proxy with one particular group, for me webusers, and then in the rule sets create individual rules for each user group that I would like to handle. So, I would have a rule set that the Criteria would be Authentication.usergroups contain "sales"
So, webusers allows them to use the proxy but when it hits the rule set it would see if they are in the usergroups "sales" and then allow them to enter the rule.
Am I missing something and being overly simplistic?
The problem that the article solves is:
-What if a user is not apart of "webusers"?
-What if a user is apart of "webusers" and "execs"?
This helps get a better understanding of how policy is assigned by structuring your rules with this method. You have one ruleset which assigns the "policy" as opposed to having every rule/ruleset determine the policy you should get.
Thanks again. Yes this does help. Let me ask, Where\how does the default User-defined .policy get assigned? I suspect that if they fall thru the rules and none has taken action then the User-Defined.policy would be placed in effect?
Also, I do not understand what will happen if, like in your example, Doug is in both the Internet relaxed and the Internet strict(by mistake)?
Thanks again. I find the help on this forum very helpful and accessible. Thanks to you and the support team for answering questions in the forums.
The article outlines both examples you are confused about, but let me clarify them further.
As far as the default value for the "policy" property, this is talked about in the "catch-all". Where I explain the the "Policy" property is by default given the value "default".
For Doug, he will get assigned policy depending on the order of the rules. If you want to be more "relaxed" you assign the relaxed policy first. If you want to be more "strict" then you assign the stricter policies first. Take a close look at the order of the rules.