Why does the ProxySG appliance not notify user?


Article ID: 167555


Updated On:


ProxySG Software - SGOS


Sometimes when user transactions match an installed policy is installed, the ProxySG appliance allows the URL request and doesn't notify the user.


Once the appliance finds a URL matching a notify policy rule, it evaluates the URL to confirm if it is notifiable. If the HTTP request or HTTP response of the URL request doesn't match any of the conditions of the __is_notifiable definition, the URL is not notifiable. Thus the appliance cannot notify the user for the URL and the request is not denied by this rule.

define condition __is_notifiable
    url.scheme=(http,https) \
    http.method=GET \
    request.header.User-Agent = '^(Mozilla|Opera)' \
    request.header.Range = !'' \
    request.header.If-Range = !'' \
    http.response.code = 200 \

As an example, if you review the following HTTP response, the packet doesn't contain "response.header.Content-Type", so this URL request isn't notifiable.

HTTP/1.1 200 OK
date: Sat, 14 Jun 2014 01:44:57 GMT
server: Cowboy
Content-Length: 0
Proxy-Connection: Keep-Alive
Connection: Keep-Alive

If a firewall drops a URL request, there is no response and the URL request isn't nottifiable.

By the same token, if any of the __is_notifiable conditions don't match, the appliance won't notify the user for the URL request.