We have a case that 1 user would like to access URL (example a.com) that is currently blocked in existing URL filtering profile.
We know we can allow this by
1. clone existing URL profile and add a.com into allow list or add it through custom URL.
2. create firewall policy above existing rules to internet to allow this specific user id / IP address and attach the new URL profile
Let's say in the future there is a request to whitelist different user to a different URL, does it mean I have to create multiple URL profile or is there a better way to do this?
can anyone share their experience..
Yes multiple URL's Lists and Multiple Rules are required if you need to be 100% granular in your white listing.
Also be aware that any one site may pull assets from other sites that are not white listed. and therefore content may not show correctly.
What I did was one of the options you mentioned. I have a custom URL category and list the URL. Then create a security policy and make sure that I dont just add the user, i add an AD group. That way in the future I just have to add users to the AD group.
But yes it will be a new Custon URL category and security policy for each different request. I find that if users have to get C-Level approval, they usually dont ask ;).
Thank your for your feedback,
am I correct to assume you are allowing using service and URL category on security policy without URL filtering security profile
and you also have a generic internet rule below that rule that is using URL filtering security profile?
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The LIVEcommunity thanks you for your participation!