Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1573
  • Last Modified:

Bluecoat WhiteListing for Streaming-Services

we have implemented-and enabled-WhiteListing for our Streaming-Services,however the service is being blocked.
heres a part of the log:


407 TCP_DENIED 1514 346 POST http cp50792.edgefcs.net 1935 /fcs/ident2 - - - - - "Shockwave Flash" DENIED "wl_parl" - 10.209.46.4 SG-HTTP-Service 81.52.201.142 0


and here the Active WhiteList of the Bluecoat:

define category wl_parl
...
edgefcs.net
end

does anyone have an idea why its getting blocked and how to fix this?
0
DukewillNukem
Asked:
DukewillNukem
1 Solution
 
eeRootCommented:
This comment :  ""Shockwave Flash" DENIED"   implies that the flash content was blocked.  Are you blocking or allowing application/x-shockwave-flash type content?
0
 
btanExec ConsultantCommented:
to create whitelist based on URL, check this
From the Management Console, select Configuration > Policy > Visual Policy Manager > Launch. The visual policy dialogue displays.
Select Policy > Add Web Access Layer. Give the web access layer a unique name. For example "Web Access Exceptions.
Click OK.
Click Add a Rule.
Right click the Destination column within the rule and select Set.
Click New, and select Request URL Category.

Encourage you to check out the pdf on admin guide under whitelisting
https://bto.bluecoat.com/sites/default/files/tech_pubs/SGOS6.1.x_Admin_Guide.pdf

See "Creating a Whitelist", "Creating Policy to Log Access to Specific Content", however,
e.g. if we want to find out more from log, we can  try to record information in the ProxySG appliance event log. See "Creating Policy to Log Access to Specific Content";

e.g.  if we do not know the specific category or is unknown ( such as category unlicensed is assigned in addition to unavailable ), this happens when an attempt to categorize a URL fails if no database is downloaded, your license is expired, or if a system error occurs. See "Creating policy when category information in unavailable";
 
e.g. if we do not know the specific category for URL ( such as  category none), this is  not an error condition; many sites (such as those inside a corporate intranet) are unlikely to be categorized by a commercial service.  See  "Creating Policy for Uncategorized URLs" - extract example disallows access to uncategorized sites outside of the corporate network:
define subnet intranet
10.0.0.0/8 ; internal network
192.168.123.45; external gateway
end
<proxy>
; allow unrestricted access to internal addresses
ALLOW url.address=intranet
; otherwise (internet), restrict Sports, Shopping and 
uncategorized sites
DENY category=(Sports, Shopping, none)

Open in new window

0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now