ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

SWG does not check whitelist for file inspection, results in downloads being redirected to timer page

book

Article ID: 161402

calendar_today

Updated On:

Products

Web Gateway

Issue/Introduction

In proxy mode with 407 authentication, Symantec Web Gateway (SWG) whitelist and blacklist configuration is not honored by file inspection

 

No error. Instead, timer page and possibly blocked file downloads from whitelisted domains, or file downloads from blacklisted domains that are not blocked

Cause

The whitelist/blacklist checking happens during the domain inspection for  URL filtering.  In proxy mode when authentication is needed, the process responsible for enforcing policies will skip the URL filter section since it is handled by a helper, but in this case also skip the whitelist/blacklist checking and the action fails to carry over to the file inspection.
 

Resolution

SWG changes this behavior in SWG 5.2.2 by adding another branch of code to specifically cover the case when URL filter is skipped, to carry the whitelist/blacklist action for the file inspection.
Z