You can create an Apps Firewall policy from the Apps Firewall> Create Policy page. Please follow the below steps.
Step 1: Enter the name of the apps-firewall policy you want to create. Once done, click on 'Next'
Step 2: You have to choose whom the apps-firewall policy applies to. You can choose to apply it for a whole domain, a user account, a group or an OrgUnit. Once done, click on 'Next'
Step 3: You will have to select the apps you would want to blacklist or whitelist. You can also use the provided filters to get the apps you want to select. Select the apps accordingly and click on 'Next'
Step 4: For the apps which violate this policy, you can choose the policy to take real-time actions on the app. The real-time actions available are,
Revert Permission: You can choose to revert the permissions provided to the app which violates this policy.
Step 5: If you want the users to ask for exception for an app that was picked up as a violation, you can choose to in this step.
Step 6: You can setup the incident reporting options in this step. You can setup the notification for the Policy Creation announcement, and then the notification for the policy violation.
Step 7: Once done, you can click on 'Save' button to save the policy but keep it inactive, or you can click on 'Create & Activate' button to save the policy and activate it. You can go back to the previous steps by clicking on 'Previous' button, and cancel the policy creation by clicking on 'Cancel' button.
Once the policy is created, it will be listed in the Apps Firewall> Policies page.