Web Category Rules

Use the Web Category Rules section to define the policy's default set of permissions for access to websites.

By default, each category is assigned a default action by Forcepoint, blocking access to commonly restricted categories, and those that pose a security risk. You can change the default action for top-level categories and for specific sub-categories to tailor the content and security policy for your organization.

For each parent category and sub-category, you can set the following options:

• Action:
  • Allow and bypass: permits the request and bypasses further policy processing stages. Traffic is not decrypted.
  • Block: the request is not permitted. A block notification page is displayed to the user. No further policy processing is performed.
  • Continue inspection: permits the request and applies all further policy processing stages.
• TLS inspection: if the action is Continue inspection, this setting determines whether traffic that matches the rule is decrypted and the payload content inspected. Options are:
  • Do not decrypt: secure (HTTPS) traffic will not be decrypted. This traffic cannot be inspected.
  • Decrypt: secure traffic will be decrypted for inspection. Decrypted traffic is re-encrypted before being routed to the Internet.
  • Default: the TLS inspection setting is inherited from the Default TLS inspection setting for the policy