1 of 1 people found this helpful
It all ahas to do with the logic of your rule sets.
You probably have a rule for some allowed categories and another rule for some blocked categories. this is not logical way to manage it.
Your best method is to block undesired categories at the bottom and have exceptions for groups above them to skip around the block.
In this example below, Social Networking and WebMail are in the list URL Filter: Blocked Categories
In the rules above there is a list of users or AD groups that will allow webmail and social networking if they are in the list. They perform a stop Rule Set that jumps around the block and allows it for only the people in the User list or the Group list.
Exempt categories are there to override the sites in a dual categoriy scenario. For example if a site is in Education and Sexual material, normally it would be blocked on the Sexual material category. But if Education is in the Exempt list, the site would be allowed if you wanted something like Sex Education.
URL Filter Enabled
Applies to Requests: True / Responses: False / Embedded Objects: False
Enabled Rule Action Events Comments Enabled URL Filter: Allowed URLs
1: URL matches in list URL Filter: Allowed URLs°
Stop Rule Set Enabled URL Filter: Blocked URLs
1: URL matches in list URL Filter: Blocked URLs°
Block<URL Blocked> Statistics.Counter.Increment("BlockedByURLFilter",1)<Default> Enabled SafeSearchEnforcer
Continue Enable SafeSearch Enforcer<Strict> Enabled GTI Reputation: Block MediumRisk and HighRisk
1: URL.IsHighRisk<Default> equals true
2: OR URL.IsMediumRisk<Default> equals true
Block<Bad Reputation> Statistics.Counter.Increment("BlockedByURLFilter",1)<Default> Blocks urls with bad reputation. Enabled Social Networking: Allowed Users or Social Networking: Allowed Groups
1: URL.Categories<Default> contains Social Networking
2: AND (Authentication.UserGroups at least one in list Social Networking: Allowed Groups
3: OR Authentication.UserName is in list Social Networking: Allowed Users°)
Stop Rule Set Enabled WebMail: Allowed Users or Webmail: Allowed Groups
1: URL.Categories<Default> contains Web Mail
2: AND (Authentication.UserName is in list WebMail: Allowed Users°
3: OR Authentication.UserGroups at least one in list WebMail: Allowed Groups)
Stop Rule Set Enabled URL Filter: Exempt Categories
1: URL.Categories<Default> at least one in list URL Filter: Exempt Categories
Stop Rule Set Categories that override a block if site is in both. Enabled URL Filter: Blocked Categories
1: URL.Categories<Default> at least one in list URL Filter: Blocked Categories
Block<URL Blocked> Statistics.Counter.Increment("BlockedByURLFilter",1)<Default> Disabled Uncategorized: Block URLs
1: List.OfCategory.IsEmpty(URL.Categories<Default>) equals true
Block<URL Blocked> Statistics.Counter.Increment("BlockedByURLFilter",1)<Default> This rule blocks all URLs that are uncategorized by the GTI web database.
Thanks for ur post.
I tried creating a new rule for the said issue. which contains url.host matches twitter.com and authentication.usergroup for authenticating the user. i have attched a copy of same here.
i placed the rule above blocked sites ruleset and then added twiiter.com to blocked sites, however the site is getting blocked even to those groups whom i have added to exclude in the newly created rule. the site is blocked under blocked sites list. can u please suggest within the ruleset that why its not working
The rule you have looks ok, but the single rule that you have shown does not indicate how it is positioned with the rest of the rules.
The Stop Rule Set action breaks out of a rule set and continues with the next rule rule set. Your block for twitter is probably contained in an entire rule set below this one and this rule will have no effect.
It is intended to be used in a sequence of rules where there is a block below it in the same rule set, like the example above.