Enable User- and Group-Based Policy
After you Enable User-ID, you will be able to configure Security Policy that applies to specific users and groups. User-based policy controls can also include application information (including which category and subcategory it belongs in, its underlying technology, or what the application characteristics are). You can define policy rules to safely enable applications based on users or groups of users, in either outbound or inbound directions.
Examples of user-based policies include:
Enable only the IT department to use tools such as SSH, telnet, and FTP on standard ports. Allow the Help Desk Services group to use Slack. Allow all users to read Facebook, but block the use of Facebook apps, and restrict posting to employees in marketing.

Related Documentation