07-19-2021 08:54 AM - edited 07-19-2021 09:10 AM
Hi all,
Pardon me for the lengthy title.
Here is the layout of what I am working with:
😅
I have been tinkering with custom URL categories and filtering profiles. I have got what I intended to work.
However, I am confused by the behaviour of the firewall and further lost amongst content all over the internet, especially when it comes to URL filtering without a licence. Was hoping someone could help clarify it out for me?
===========
Scenario 1
Security policy rule A:
Security policy rule B:
No traffic will match security policy rules A or B. The only time traffic match either of these two rules is when I specify a URL category under the Service/URL Category tab for security policy rule A.
Scenario 2
Security policy rule A:
Security policy rule B =
URL traffic not matching any URLs specified rule A is now blocked.
===========
What I can't get my head around is why isn't it enough to simply use a security rule and a relative filtering profile that references the good custom URL category?
Why when I don't specify the URL category, no traffic matches even though the filtering profile is there?
Apologies for my ignorance.
Martins
07-22-2021 10:59 AM
Url categories in the services tab behave somewhat like an FQDN object, while urls added in the url filtering profile are only applied at layer7
the former causing an "traffic log" (l4) allow or drop, with the latter causing a response page with a traffic allow for both drop and allow
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
