ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Blacklisted domain (twitter.com) is not blocked from Firefox version 22.

book

Article ID: 161388

calendar_today

Updated On:

Products

Web Gateway

Issue/Introduction

When using Firefox version 22 and you add (twitter.com) to blacklist in SWG UI, the site does not get blocked.

Cause

Firefox redirects the twitter.com site to an HTTPS site.  When SWG is in Inline Blocking mode only the SWG cannot inspect HTTPS traffic therefore the site will not get blocked.  SWG is working as design.  HTTPS traffic can only be inspected when in Inline+Proxy blocking mode or Proxy blocking mode and SSL Deep Inspection is enable.  See Solution for workaround.

Resolution

Workaround:

  1. Log into the GUI for SWG.
  2. Set the operating mode to be in Inline+Proxy blocking or Proxy blocking.

    Under Administration> Configuration> Operating Mode
     
  3. Enable Proxy (See SWG Implementation Guide for detail on Page 79 - 80.)
  4. Enable SSL Deep Inspection (See SWG Implementation Guide for detail on Page 81 - 85 .)

    Note: Link listed below for 5.2 Implementation Guide
    www.symantec.com/business/support/index
     
  5. Configure a Policy for SSL Deep Inspection. (See SWG Implementation Guide for detail on Page 105 - 106.)