Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
New Member

Predefined URL Category Filtering

We are running IronPort S160 and have created Identities and Access Policies.We have created AD groups and use those groups for validating against access policies.However for one of the department in a group we need to allow a URL Category that is currently blocked for everybody in that group.

How can we go about doing this?

1 REPLY
New Member

Re: Predefined URL Category Filtering

First access policy wins.  It's processed from top-down.

If you haven't, adjust your identity policies to match on authenticated users first, IPs second.

Create a new access policy, place it at the top of the list. 

Change Identities to Select one or more...

Change Select Identity... to the Identity Policy that matches your AD authentication.  Check the Selected Groups radio button.  Click groups, add the group you want to allow access with.

Click the Advanced button at the bottom of the screen.  Click URL Categories.  Choose the URL category you want to allow access to.

After you click OK/Submit a couple times, you should be back at the list of access policies.  Click the box inside URL Categories that matches the access policy you just created.

Check the appropriate mode for that URL category (monitor, warn, block, allow, time-based, etc).

Click ok.

Apply.  Test. 

765
Views
0
Helpful
1
Replies
СоздатьДля создания публикации, пожалуйста в систему