How have a requirement to block unclassified domains. How would I do that on the Sidewinders? I see on the smartfilter/Smartfilter Management that there is a drop down set to block uncategorized URL's. I also see under smartfilte/filter policies that each filter policy created has the Uncategorized URL action set to allow. Should that be changed to block? Or is there anything else that I need to set/modify, ie some in the HTTP application defenses?
SmartFilter categorizes URLs and IP addresses. For HTTPS sites it can only see the IP address so that is what it uses. It cannot categorize every URL or IP, of course, so you either Allow or Deny URLs and IP addresses that have not been categorized.
Here is how I interpret those options in the SmartFilter section (since they are not explicitly explained anywhere that I can see):
On your 3rd bullet, are you saying that each individual filter policy will override the "URL Requests by IP address"? So I would have to set the URL Request by IP address as well as each filter policy to block vice having the URL by IP set to block and the filter policy set to allow?
They are two different things; one works on IP addresses and the other works on Domain Names. I don't believe either one overrides the other since they are doing two different things.
If you decide to block uncategorized IP addresses you may end up blocking a lot of legitimate things. The only way to know is to turn it on and see.
A support ticket was opened on this subject yesterday and I presume that was you. I'll put a link to this discussion into that SR.
Download the new ePolicy Orchestrator (ePO) Support Center Extension which simplifies ePO management and provides support resources directly in the console. Learn more about ePO Support Center