Policy not being applied to Threatpulse - Default policy being applied

book

Article ID: 166778

calendar_today

Updated On:

Products

CDP Integration Server

Issue/Introduction

Policy is written to block certain sites and categories.
Sites and categories are not being blocked as expected.
When you go to http://demo.threatpulse.com, you are protected.
When you go to http://ipcheckit.com, you see that you are coming from a Blue Coat protected IP address.
When you bypass the Cloud, the egress IP address shows up as a non-Cloud IP address.

Resolution

The cause of the issue is that policy was not being applied within the Cloud and default policy was being applied.  The end result is that none of the sites were being blocked.  The issue was caused by "quotes" being used in the customized portion of error pages.  To fix the issue, remove the quotes.

FIX:

1.)  Login to the threatpulse portal (https://portal.threatpulse.com).
2.)  Go to Service > Notification > Error Pages
3.)  Scan the customized portion and look for "quotes" in any of the field.  Delete them and save your changes.
4.)  Go back to Solutions > Content Filtering > Policy > and click on "Activate".
5.)  Test to make sure policy is being applied appropriately.