search cancel

SWG does not check whitelist for file inspection, results in downloads being redirected to timer page


Article ID: 161402


Updated On:


Web Gateway


In proxy mode with 407 authentication, Symantec Web Gateway (SWG) whitelist and blacklist configuration is not honored by file inspection


No error. Instead, timer page and possibly blocked file downloads from whitelisted domains, or file downloads from blacklisted domains that are not blocked


The whitelist/blacklist checking happens during the domain inspection for  URL filtering.  In proxy mode when authentication is needed, the process responsible for enforcing policies will skip the URL filter section since it is handled by a helper, but in this case also skip the whitelist/blacklist checking and the action fails to carry over to the file inspection.


SWG changes this behavior in SWG 5.2.2 by adding another branch of code to specifically cover the case when URL filter is skipped, to carry the whitelist/blacklist action for the file inspection.