<div>
The field can match on Exact, Partial, Prefix, or Suffix, it cannot match on &quot;null&quot;<br />
<br />
What are you trying to acheive by trying to match a blank user agent? Perhaps there is a different route to a similar result?
</div>


<div>
The intent is to identify incoming traffic that does NOT have a user agent data set. We are seeing a very large continuous number of hits that are &quot;scrapping&quot; our website for data. What we are seeing is so far over the 10 days now close to 350,000 hits from a range of IPs that are not listed in any bot network and are rotating the IPs so that they are falling under any sensible count to trigger an block. So &nbsp;far the list of IPs is over 250 and new ones are seen every day. The single most identifying thing is that there is no user agent data.
</div>


<div>
Apart from the lack of user agent, does the traffic appear to be vaild?<br />
<br />
<a href="https://www.infoq.com/news/2020/03/chrome-phasing-user-agent/" rel="ugc">https://www.infoq.com/news/2020/03/chrome-phasing-user-agent/</a><br />
<br />
I don't have a sonicwall to test on, but I wonder if matching on a character that will be in every user agent string as an allow, and then having a deny all would suffice?<br />
<br />
For a character that is in every user agent, I would choose /
</div>


<div>
<div class="content wysiwyg-content">
Does anyone know is there a way to create a match object that equals &quot;blank&quot;?<br />
<br />
Specifically, I want to create a match object for field &quot;HTTP User Agent&quot; with a value of &quot;blank&quot; which means if there is no data in the User-Agent field then it matches.
</div>
</div>


Does anyone know is there a way to create a match object that equals "blank"?

Specifically, I want to create a match object for field "HTTP User Agent" with a value of "blank" which means if there is no data in the User-Agent field then it matches.

Sonicwall match object &quot;blank&quot;

Hardware-based firewalls provide more sophisticated protection for inbound and outbound traffic than the simple Windows software firewall or the basic NAT firewalls found in routers. These devices implement techniques such as stateful packet inspection, deep packet inspection, and content filtering; and may include built-in antivirus and anti-malware protection.

Hardware Firewalls

A web server refers to the software that helps to deliver web content that can be accessed either through the Internet or through an intranet. The primary function of a web server is to store, process and deliver web pages to clients. The communication between client and server takes place using the Hypertext Transfer Protocol (HTTP). The most common use of web servers is to host websites, but there are other uses such as gaming, data storage, running enterprise applications, handling email, FTP, etc.

Sonicwall match object &quot;blank&quot;

Sonicwall match object "blank"