cancel
Showing results for 
Search instead for 
Did you mean: 
ranskaio
Level 7

Rules

Hello My Mcaffe Friends,

I`m tring to put a rule that allow every URL, that is not categorized.

Any one, have ideas for that ?

My last shot was

URL.Categories none in list CATEGORIES -> Stop Cycle

I have the Clean Up rule. Blockeverthing Else.

Where the list CATEGORIES contains all categories of the default TRUSTEDSOURCE settings.

Waiting for opinions.

0 Kudos
7 Replies
eelsasser
Level 15

Re: Rules

You are very close.

The action on the rule:

URL.Categories none in list CATEGORIES

  Should be a Block<URL Block>

Not Stop Cycle

0 Kudos
ranskaio
Level 7

Re: Rules

Sorry Erik,

But i`m trying to do the opposite.

I`m trying to Allow de access for Uncategorized  URL.

With my actual rules, the access is BLOCK.

Make my self clear ?

Thanks for your attention.

0 Kudos
theravan
Level 9

Re: Rules

I know what you want to do.  You want to allow un-categorized but still block bad sites.

I have a rule for allowed categories for users.

At the bottom i have a block everything else.

Just above that rule I have a allow un-categorized sites.

Rule Criteria: Property: URL.Categories, Operator: None in list, Parameter: Blocked Categories

Action: Stop Rule Set.

Make sure you create a Blocked Categories list and check all the boxes.

I recommend that you setup a test web gateway server.  Backup you live and restore to the test server.  Important only restore the policies.

The test server doesn't need to pull logs to your Reporting server.

Make sure when back the test and live servers that the backup file has the name of the server.  you dont want to restore a played around on test server backup on the

Also make sure that your Category Content Filter Rule Set is above the Gateway Antimalware Rule Set.

0 Kudos
ittech
Level 13

Re: Rules

I have a question. Are websites without categories normally blocked? I didn't think that they were. If they aren't, then you wouldn't need a rule at all for that. Just block what you don't want, everything should be allowed through, correct?

0 Kudos
theravan
Level 9

Re: Rules

The way i understand it is:  it depends on if you are using allow or blocked category rules.  I have mine setup with allowed category rules so i need the block everything else rule.

If you do the opposite then you would not need a block everything rule.

But you dont want both blocked and allowed rule. Well that is the way i understand it.  I really depends on how your thought process works.  Allowed works best for me.

I do have two allowed category rules:  one for normal users and one for IS staff.  I alos have a rule the blocks normal user from accessing windows update URLs and only allow IS staff.

If you have a block everything else rule, disable it and you will see that you can get to everything.  not good.

Hope this helps.

0 Kudos
ittech
Level 13

Re: Rules

Gotcha. We're more of an allow, then block type of place. Block, then allow would be nice, but you now what they say. It's easier to give access to what they don't have, than take away what they already do. It's hard explaining to a person why they can't go to certain sites when for the past 10 years it's been perfectly fine.

0 Kudos
theravan
Level 9

Re: Rules

You can also re-category site if you need to.  No need to give access to a whole category just for a few sites.

0 Kudos