So I get a list of bad URLs every week and tasked with adding them on the Site Advisor prohibit list policy. Needless to say, the list is growing. As of now, I have 1600 sites in the policy. What are some recommendations for managing such a large list? I check with trustedsource.org. If a site is categorized as malicious in trustedsource.org, do I still need to explicitly put it in the policy (assuming "content action" policy for that category is set to block)? Really would love some automation and simplification for this task. It's getting tedious.
What are some recommendations for managing such a large list? What would you like to manage - the uploading of the list - "Prohibit List"<> "Manage Prohibited Sites"; by choosing "Add Multiple Prohibited Sites" you can upload the entire list.
I check with trustedsource.org. Other sources to validate site rating: VirusTotal - Free Online Virus, Malware and URL Scanner , Safe Browsing Site Status – Transparency Report – Google , McAfee - Check Single URL or Online Webpage Scanning for Malware Attacks | Web Inspector Online Scan
...do I still need to explicitly put it in the policy - Every environment is different; some are driven by IT Policies, others are driven by Best Practices and everyone else is somewhere in the middle.
In order to guard against adverse performance due to having to check against 1000s of urls in a blocklist, we load and read the list from memory.
As a test, you could check on an endpoint with and without the block list enabled to see if there is any visible/noticeable browsing impact.