08-16-2017 08:21 AM
I've read the articles about the processes that take place when analyzing traffic and understand that sometimes there could be an allow status when it seems there shouldn't be. However it also seems that if the traffic truly shouldn't be allowed there would be an associated log entry with some kind of denial.
In my case there is no associated denial and I'm would still like to know why this traffic seems to be allowed when apparently not matching my Custom URL Category.
Forgive me if I'm still just misunderstanding something about this.
Here's what I'm seeing in my logs:
08-16-2017 08:27 AM
What if you also create a URL Filtering Profile (call it Alert All URL), configured with "alert" for all categories, and attach it to this rule?
08-16-2017 09:11 AM
Because of the any I think the reason is one of the following:
If you share some more screenshots (logs with column 'rule', security policy in question, custom URL category), we should be able to help 😉
08-16-2017 11:12 AM
Thanks for the reply.
Unfortunately we don't have a URL Filtering license as we have another solution for that function.
08-16-2017 11:33 AM
For that what you intended to do (at least what I understood) - blocking or allowing specific websites with a custom URL category directly referenced in the security policy, you don't need an URL filtering license. Even for the logging part, mentionned by @jvalentine, there are workarounds that you will see the URL logs, without the license (only a workaround, not a recommended way)
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!