How does the proxySG process the local database content filtering file
search cancel

How does the proxySG process the local database content filtering file

book

Article ID: 248103

calendar_today

Updated On:

Products

SG-S400

Issue/Introduction

It seems to be a flaw in the way ProxySG processes a local database content filtering file.    

It is best explained with a basic example:-

If have the following local database source then www.webex.com will return both Whitelist & No-SSL-Intercept categories

define category Whitelist
 webex.com
end

define category Blacklist
 example.com
end

define category No-SSL-Intercept
 webex.com
end

 

However, the following local database source then www.webex.com ONLY returns the No-SSL-Intercept category.

define category Whitelist
 webex.com
end

define category Blacklist
 example.com
end

define category No-SSL-Intercept
 www.webex.com
end


The expectation is that say admin.webex.com would return ONLY Whitelist,  but www.webex.com would return Whitelist & No-SSL-Intercept

 

Environment

Release : 6.7.5.18

Component :

Resolution

This is working as expected, it's by design. All the other providers(blue coat, third party, etc.) are working the same way:

URLs are not normalized upon parsing and exact matching is performed. ie. webex.com is not equal to www.webex.com. 

When the exact matching category(ies) is found, it stops looking.

 

To return 2 categories for www.webex.com, it needs to be put in both categories. 

For example,

define category Whitelist
 webex.com
 www.webex.com
end

define category Blacklist
 example.com
end

define category No-SSL-Intercept
 www.webex.com
end

Powered by Wolken Software