I have a Web Gateway Appliance running 7.3. The ruleset order i have is as follows: Global Whitelist-->Global Block-->SSL Scanner-->Site Review-->Try-Auth-->Authorized Override-->Coaching-->URL Filtering-->Common Rules-->Media Type filtering-->Gateway Anti-Malware.
I am a rooking at managing this software. Basically, the top rule in the url filtering ruleset is to allow websites added to the url whitelist and then stop the ruleset. However, if I add a url to the url whitelist and save the change, when I attempt to access the site I am presented with the "site review" url blocked page.
The only way I can get to the blocked site is to add it to the global whitelist.
Any ideas to get this functioning correctly?
A couple of screen shots are attached showing the ruleset order and such.
Rule order matters -- I'm guessing that since Global Whitelist is above Site Review it's taking precedence, but once you move further down the rule set, the SiteReview rule set kicks in. Not entirely sure how the connection is getting there since the top-level criteria on SiteReview doesn't indicate that you should get there unless SiteReview has been implemented, but what you coud do is enable rule tracing for your client IP address @ the very top of the rules and then review the path that the connection takes. Another option would be to create a log file that gets written when you set a specific user-defined property and configure that log file to write out String.ReplaceIfEquals(List.OfString.ToString (Rules.FiredRules.Names), "" "-"). Then set the property for your client IP and MWG will log the path through the rules that the connection takes.
Another possibility is that Global Whitelist is using slightly different criteria than URL Whitelist and URL Whitelist simply isn't matching on the connection -- that would suggest that you would fall down into your Block URLs rule and I'm guessing that the Event there might redirect to Site Review, but without rule details, I can't be sure.
Yes you are right. HTTP Request going through your rule set from top to down. So if your request matches in the Site Review Rules they will worked on there.
Also you might want to check for the correct usage of the URL Properties here:
Best Practices: Creating URL related list entries
And keep in mind to clock the Show Details button to make it more easier to understand your ruleset
Thank you very much for your information. I will try out the rule tracing.
Thank you for the document. I had this setup with the help of a consultant and apparently he hadn't read this document as many of our URL whitelist entries were not created in a suggested manner.