The WSA console does not let you manage Identity Shield other than a few generic settings.
Please add the ability to manage
1.) Protected Applications policy and console-wide
2.) Protected Websites policy and console-wide
You can send commands to protect/unprotect an application but this is a troubleshooting method rather than a policy.
Businesses need to protect credential inputs to more than just web browsers. Adding this management feature would virtually be a new feature Webroot can tout.