https://live.paloaltonetworks.com/t5/general-topics/security-rule-for-url-filtering-best-practices/m-p/11190#M8233 <HTML><HEAD></HEAD><BODY><P>I would like to know what is the impact, if any, when configuring a security policy with allow action and associate with a url filtering profile if we use application as any or application set to web-browsing.</P><P></P><P>I understand the url filtering is only applicable to web-browser traffic by default, but i want to understand what is the best thing to do and what impact come from a wrong choice.</P><P></P><P>Note that this rule goal is not to allow or block traffic. It is goal is to only select traffic from a specific source address (or group) and apply a previous defined url filtering profile to it.</P></BODY></HTML> Wed, 07 May 2014 00:33:54 GMT Borgiani 2014-05-07T00:33:54Z https://live.paloaltonetworks.com/t5/general-topics/security-rule-for-url-filtering-best-practices/m-p/11190#M8233 <HTML><HEAD></HEAD><BODY><P>I would like to know what is the impact, if any, when configuring a security policy with allow action and associate with a url filtering profile if we use application as any or application set to web-browsing.</P><P></P><P>I understand the url filtering is only applicable to web-browser traffic by default, but i want to understand what is the best thing to do and what impact come from a wrong choice.</P><P></P><P>Note that this rule goal is not to allow or block traffic. It is goal is to only select traffic from a specific source address (or group) and apply a previous defined url filtering profile to it.</P></BODY></HTML> Wed, 07 May 2014 00:33:54 GMT https://live.paloaltonetworks.com/t5/general-topics/security-rule-for-url-filtering-best-practices/m-p/11190#M8233 Borgiani 2014-05-07T00:33:54Z https://live.paloaltonetworks.com/t5/general-topics/security-rule-for-url-filtering-best-practices/m-p/11191#M8234 <HTML><HEAD></HEAD><BODY><P>Hello Vladimir,</P><P></P><P>URL filtering is triggered when there is a web-browsing or SSL traffic traversing the device, regardless of what you specify in the Application section of the security policy.</P><P></P><P>I would argue that it is best practice to specify web-browsing (and/or SSL) as the permitted application(s), but this only helps to lock down that security policy further; it is not a requirement for the URL filtering to be triggered.</P><P></P><P>Hope this helps.</P><P>tasonibare</P></BODY></HTML> Wed, 07 May 2014 19:34:54 GMT https://live.paloaltonetworks.com/t5/general-topics/security-rule-for-url-filtering-best-practices/m-p/11191#M8234 tasonibare 2014-05-07T19:34:54Z