Hello My Mcaffe Friends,
I`m tring to put a rule that allow every URL, that is not categorized.
Any one, have ideas for that ?
My last shot was
URL.Categories none in list CATEGORIES -> Stop Cycle
I have the Clean Up rule. Blockeverthing Else.
Where the list CATEGORIES contains all categories of the default TRUSTEDSOURCE settings.
Waiting for opinions.
I know what you want to do. You want to allow un-categorized but still block bad sites.
I have a rule for allowed categories for users.
At the bottom i have a block everything else.
Just above that rule I have a allow un-categorized sites.
Rule Criteria: Property: URL.Categories, Operator: None in list, Parameter: Blocked Categories
Action: Stop Rule Set.
Make sure you create a Blocked Categories list and check all the boxes.
I recommend that you setup a test web gateway server. Backup you live and restore to the test server. Important only restore the policies.
The test server doesn't need to pull logs to your Reporting server.
Make sure when back the test and live servers that the backup file has the name of the server. you dont want to restore a played around on test server backup on the
Also make sure that your Category Content Filter Rule Set is above the Gateway Antimalware Rule Set.
I have a question. Are websites without categories normally blocked? I didn't think that they were. If they aren't, then you wouldn't need a rule at all for that. Just block what you don't want, everything should be allowed through, correct?
The way i understand it is: it depends on if you are using allow or blocked category rules. I have mine setup with allowed category rules so i need the block everything else rule.
If you do the opposite then you would not need a block everything rule.
But you dont want both blocked and allowed rule. Well that is the way i understand it. I really depends on how your thought process works. Allowed works best for me.
I do have two allowed category rules: one for normal users and one for IS staff. I alos have a rule the blocks normal user from accessing windows update URLs and only allow IS staff.
If you have a block everything else rule, disable it and you will see that you can get to everything. not good.
Hope this helps.
Gotcha. We're more of an allow, then block type of place. Block, then allow would be nice, but you now what they say. It's easier to give access to what they don't have, than take away what they already do. It's hard explaining to a person why they can't go to certain sites when for the past 10 years it's been perfectly fine.