What happens when my content filtering database expires?

book

Article ID: 167246

calendar_today

Updated On:

Products

ProxySG Software - SGOS

Issue/Introduction

When looking at the status of a database download, we can see a database date and an expiration date

Previous download:
  Blue Coat download at: 2009/08/30 08:15:58 +0000
  Downloading from https://list.bluecoat.com/bcwf/activity/download/bcwf.db
  Requesting differential update
  Differential update applied successfully
  Download size:      191652080
  Database date:      Sun, 30 Aug 2009 08:05:52 UTC
  Database expires:   Tue, 29 Sep 2009 08:05:52 UTC
  Database version:   292420200
  Database format:    1.1
 

When the database expires, web sites get categorized as 'None' so depending on your policy, the effects of an expired policy can be different. Here are a few examples

Example 1 - Default policy set to allow

Rule 1 : Source: ANY   Destination: (Unwanted categories)     Action: DENY

After the database expires, nothing would match rule 1 so every connection would hit the default policy which is set to allow. The end result is that users are allowed to go on any site

Example 2 - Default policy set to deny

Rule 1 : Source: ANY   Destination: (Allowed categories)    Action: ALLOW

After the database expires, nothing would match rule 1 so everything would hit the default policy which is to deny, no web access will be allowed through the proxy

Example 3 - Default policy set to allow

Rule 1 : Source: ANY   Destination: (Allowed categories)   Action: ALLOW

Rule 2 : Source: ANY   Destination: ANY   Action: DENY

For this example, nothing would match rule #1 but everything would match rule #2, so despite having a default policy set to allow, the 'catch all' rule would deny everything. The end result is that no web access will be allowed through the proxy