view the urls hitting default interzon policy

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

view the urls hitting default interzon policy

L2 Linker

Hi team,

 

We have a url filtering profile created for monitoring with action of all category as alert. And this profile has been called on default interzone policy (action deny). But nothing is gets logged, we have many traffic hitting default interzone policy and the aim is to monitor urls hitting this policy. Can anyone help on this?

5 REPLIES 5

L4 Transporter

Hello @Marsooq_A 

Can you try to

- set action to allow

- set all to "block" on security profile URL filtering

It might be necessary to have SSL decyption active as well.

Hello,

I never rely on the two default policies. I always have a DENY ALL policy right above them so I can see all traffic getting denied.

 

Hope that makes sense.

 

Regards,

I cannot set the action as allow as we need to deny all the traffic hitting interzone policy. The requirement is , i have placed a policy with destination as specific url category. Somewhat the traffic from source machine hitting the default interzone policy and were i have action set as deny. and my requirement is , what urls that the source machine tried to reach.   

Hello @Marsooq_A 

Even if you set action to allow, it will not be allowed (due to the security profile set to block). You can see it similar as having a security policy allowing the access, but the virus filter will block if a virus is found.

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!