i read that for best practice if we make custom url category its action should be none for security reasons
need to understand why?
Solved! Go to Solution.
Not sure where you read that. I always set 'allowed' catagories to 'Alert'. This way they get logged and its easier to determine what is getting allowed/blocked.
under this link
listen to 43rd min video
OK, I listened to it and I see what they are doing. Lets say you make a custom catagory and the URL is xyz.com, and you have it set to 'Alert'. Now lets say that site gets compromised and get recatagorized by PAN as malicious. What she was saying is that it could potentially still be allowed because you set the custom catagory as 'Alert', by having it set to none she is saying it would take the default catagorization of the PAN catagory list:
none (custom URL category only)—If you have created custom URL categories, set the action to none to allow the firewall to inherit the URL filtering category assignment from your URL database vendor. Setting the action to none gives you the flexibility to ignore custom categories in a URL filtering profile, while allowing you to use the custom URL category as a match criteria in policy rules (Security, Decryption, and QoS) to make exceptions or to enforce different actions. To delete a custom URL category, you must set the action to none in any profile where the custom category is used. For information on custom URL categories, see Objects > Custom Objects > URL Category.
Hope that makes sense.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!
The Live Community thanks you for your participation!