[Webinar] Streamline your web hosting managementRegister Today

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 399
  • Last Modified:

sonicwall content filter exceptions

I have a Sonicwall TZ215 that we have "clamped" down fairly tight.   In the Content Filter policy URL list for forbidden categories we have # 30 EMail checked and prefer to leave it that way.
However one of our vendors is now using a firm for sending out their monthly updates and it is being blocked as forbidden category-Email
I have tried several things to exclude it but I guess I am not doing it correctly....

I have tried putting it in allowed domain in the custom list of the policy.   I tried using the blocked IP to exclude.  I tried to set up a new "Compliance" group and add users to that group with the forbidden category - Email, Not checked.   (Not sure how to make it apply ahead of the default policy)

Can someone maybe provide some "step by step" directions on how I can get this to be an OK site?
0
bankwest
Asked:
bankwest
1 Solution
 
btanExec ConsultantCommented:
pls see if the step through can help and importantly the re-configured policy need to be applied to that zone of interest. Note the Global allow and forbidden list on the settings page is for all policies while the per policy option on the settings is as it stated local to single policy. Eventually the policy will make the effect only on those applied to the selected zones.
http://www.uptimemadeeasy.com/networking/configure-sonicwall-content-filtering/

Also need to know CFS rule application scheme
Most Specific always has the highest priority (i.e. CFS policy for “All” group is least specific, CFS policy for local/authenticated group is more specific, CFS policy for a user is most specific. When policies are at the same level of specificity, the least restrictive option has the highest precedence.
Here is another example using CFS Custom Category instead
This option enables you to customize CFS categories thus overriding global CFS database ratings. For eg. in the screenshot below, cnn.com, which is rated "News and Media" by the global CFS database, is re-rated as Information Technology/Computers - Category 27
If the category News and Media is blocked but cnn.com needs to be allowed, re-categorizing it as an allowed category (in this eg. Information Technology/Computers) would allow cnn.com. The entries here are intrepreted as "suffix strings" meaning any prefix added to cnn.com, eg. us.cnn.com, will be treated as belonging to the custom category.
https://support.software.dell.com/kb/sw8563
0
 
bankwestCTO/CashierAuthor Commented:
Excellent.   Thank you.    I got it working for what I needed.
0

Featured Post

Managing Security & Risk at the Speed of Business

Gartner Research VP, Neil McDonald & AlgoSec CTO, Prof. Avishai Wool, discuss the business-driven approach to automated security policy management, its benefits and how to align security policy management with business processes to address today's security challenges.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now