Solved

sonicwall content filter exceptions

Posted on 2015-01-29
2
294 Views
Last Modified: 2015-01-30
I have a Sonicwall TZ215 that we have "clamped" down fairly tight.   In the Content Filter policy URL list for forbidden categories we have # 30 EMail checked and prefer to leave it that way.
However one of our vendors is now using a firm for sending out their monthly updates and it is being blocked as forbidden category-Email
I have tried several things to exclude it but I guess I am not doing it correctly....

I have tried putting it in allowed domain in the custom list of the policy.   I tried using the blocked IP to exclude.  I tried to set up a new "Compliance" group and add users to that group with the forbidden category - Email, Not checked.   (Not sure how to make it apply ahead of the default policy)

Can someone maybe provide some "step by step" directions on how I can get this to be an OK site?
0
Comment
Question by:bankwest
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 63

Accepted Solution

by:
btan earned 500 total points
ID: 40579729
pls see if the step through can help and importantly the re-configured policy need to be applied to that zone of interest. Note the Global allow and forbidden list on the settings page is for all policies while the per policy option on the settings is as it stated local to single policy. Eventually the policy will make the effect only on those applied to the selected zones.
http://www.uptimemadeeasy.com/networking/configure-sonicwall-content-filtering/

Also need to know CFS rule application scheme
Most Specific always has the highest priority (i.e. CFS policy for “All” group is least specific, CFS policy for local/authenticated group is more specific, CFS policy for a user is most specific. When policies are at the same level of specificity, the least restrictive option has the highest precedence.
Here is another example using CFS Custom Category instead
This option enables you to customize CFS categories thus overriding global CFS database ratings. For eg. in the screenshot below, cnn.com, which is rated "News and Media" by the global CFS database, is re-rated as Information Technology/Computers - Category 27
If the category News and Media is blocked but cnn.com needs to be allowed, re-categorizing it as an allowed category (in this eg. Information Technology/Computers) would allow cnn.com. The entries here are intrepreted as "suffix strings" meaning any prefix added to cnn.com, eg. us.cnn.com, will be treated as belonging to the custom category.
https://support.software.dell.com/kb/sw8563
0
 

Author Closing Comment

by:bankwest
ID: 40579833
Excellent.   Thank you.    I got it working for what I needed.
0

Featured Post

Announcing the Most Valuable Experts of 2016

MVEs are more concerned with the satisfaction of those they help than with the considerable points they can earn. They are the types of people you feel privileged to call colleagues. Join us in honoring this amazing group of Experts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Wikipedia defines 'Script Kiddies' in this informal way: "In hacker culture, a script kiddie, occasionally script bunny, skiddie, script kitty, script-running juvenile (SRJ), or similar, is a derogatory term used to describe those who use scripts or…
To setup a SonicWALL for policy based routing to be used with the Websense Content Gateway there are several steps that need to be completed. Below is a rough guide for accomplishing this. One thing of note is this guide is intended to assist in the…
How to Install VMware Tools in Red Hat Enterprise Linux 6.4 (RHEL 6.4) Step-by-Step Tutorial

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question