Why does the ProxySG appliance not notify user?

book

Article ID: 167555

calendar_today

Updated On:

Products

ProxySG Software - SGOS

Issue/Introduction

Sometimes when user transactions match an installed policy is installed, the ProxySG appliance allows the URL request and doesn't notify the user.

Resolution

Once the appliance finds a URL matching a notify policy rule, it evaluates the URL to confirm if it is notifiable. If the HTTP request or HTTP response of the URL request doesn't match any of the conditions of the __is_notifiable definition, the URL is not notifiable. Thus the appliance cannot notify the user for the URL and the request is not denied by this rule.

define condition __is_notifiable
    url.scheme=(http,https) \
    http.method=GET \
    request.header.User-Agent = '^(Mozilla|Opera)' \
    request.header.Range = !'' \
    request.header.If-Range = !'' \
    http.response.code = 200 \
    response.header.Content-Type='text/html'
end

As an example, if you review the following HTTP response, the packet doesn't contain "response.header.Content-Type", so this URL request isn't notifiable.

HTTP/1.1 200 OK
date: Sat, 14 Jun 2014 01:44:57 GMT
server: Cowboy
Content-Length: 0
Proxy-Connection: Keep-Alive
Connection: Keep-Alive
 

If a firewall drops a URL request, there is no response and the URL request isn't nottifiable.

By the same token, if any of the __is_notifiable conditions don't match, the appliance won't notify the user for the URL request.