AnsweredAssumed Answered

URL Filtering – Categorization

Question asked by Alejandro Lansac on Oct 11, 2018
Latest reply on Oct 12, 2018 by Dameon Welch-Abernathy

I have a new question about URL Filtering. I am testing the Application Control und URL Filtering Blades in order to replace our Proxy, but I have a problem with Categorization. The test is done with a R80.10 security Gateway configured as HTTP/HTTPS Proxy with a restrictive configuration: Each Department has access to a group of categories, and all other categories are blocked.

I experience the following behavior:

  • When a user opens a new Web Site it becomes immediately the category “Web Browsing”. This Category is not allowed in our Policy and the firewall drops the connection.
  • The second time that we open the same website the site is correctly categorized and traffic accepted oder droped according to the policy.

This behavior is also described in SK105642 “Allowed site is blocked on first attempt, then allowed on second attempt”, but the solution doesn’t work for me.

The advanced configuration of Application Control & URL Filtering is:

  • Fail Mode – Block all requests (fail-close)
  • Web browsing – “enable web browsing logging and policy enforcement” – Disabled
  • Checkpoint online web service
    • Block requests when web service is unavailable
    • Website Categorization mode: Hold – requests are blocked until categorization is complete

For torubleshooting purposes I have temporary disabled https inspection and I experience the same problem.

Has anyone experienced a similar problem?

Outcomes