Add Gateway policies

maxvp · maxvp · commit 63f8126116df · 2024-11-26T15:47:45.000-06:00
diff --git a/src/content/docs/cloudflare-one/policies/data-loss-prevention/dlp-profiles/advanced-settings.mdx b/src/content/docs/cloudflare-one/policies/data-loss-prevention/dlp-profiles/advanced-settings.mdx
@@ -17,11 +17,23 @@ Match count refers to the number of times that any enabled entry in the profile
 
 Confidence levels indicate how confident Cloudflare DLP is in a DLP detection. DLP determines the confidence by inspecting the content for proximity keywords around the detection.
 
-Low confidence detections are generally based on regular expressions, require few keywords, and will trigger more often. High confidence detections require more keywords, will trigger less often, and have a higher likelihood of accuracy. Setting the confidence to Low will also consider Medium and High confidence detections as matches. Setting the confidence to Medium or High will filter out the lower confidence detections.
+Confidence level is set on the DLP profile. When you select a confidence level in Zero Trust, you will see which DLP entries will be affected by the confidence level. Entries that do not reflect a confidence level in Zero Trust are not yet supported or are not applicable.
 
-Confidence level is set on the DLP profile. When you select a confidence in Zero Trust, you will see which DLP entries will be affected by the confidence level. Entries that do not reflect a confidence level in Zero Trust are not yet supported or are not applicable.
+DLP confidence detections consist of Low, Medium, and High confidence levels. DLP will default to Low confidence detections, which are based on regular expressions, require few keywords, and will trigger more often. Medium and High confidence detections require more keywords, will trigger less often, and have a higher likelihood of accuracy.
 
-For inline detections in Gateway, if you would like to display Low and Medium confidence detections but block High confidence detections, Cloudflare recommends using two policies. The first policy should use a Low confidence DLP profile with an Allow action. The second policy should use a High confidence DLP profile with a Block action.
+Setting the confidence to Low will also consider Medium and High confidence detections as matches. Setting the confidence to Medium or High will filter out lower confidence detections.
+
+### Gateway detections
+
+For inline detections in Gateway, to display Low and Medium confidence detections but block High confidence detections, Cloudflare recommends creating two HTTP policies. The first policy should use a Low confidence DLP profile with an Allow action. The second policy should use a High confidence DLP profile with a Block action. For example:
+
+| Selector    | Operator | Value                       | Action |
+| ----------- | -------- | --------------------------- | ------ |
+| DLP Profile | in       | _Low Confidence Detections_ | Allow  |
+
+| Selector    | Operator | Value                        | Action |
+| ----------- | -------- | ---------------------------- | ------ |
+| DLP Profile | in       | _High Confidence Detections_ | Block  |
 
 ## Optical Character Recognition (OCR) <Badge text="Beta" variant="caution" size="small" />
 
