Add or edit a Web Exception

Web Exceptions are used to override Web Category actions.

Steps

  1. Click a setting within an existing rule to edit it, or click New to create a new exception.
    Use the More menu beside a rule to add a new rule before or after an existing rule, or to delete the rule.
  2. Give the rule a Name, and an optional Description.
  3. Click the Web Category/URL List cell to define the categories and URL Lists to which the exception will apply.
    Click the Type or click to select field and begin typing to search for a category or URL List resource, or select available resources from a list. Repeat the process to add all required categories/URL Lists for the rule.
    You can click New to define a new URL List resource.
    You can remove a category/URL List from the rule by clicking the Remove button.
  4. Click the Applies To setting to define the local traffic sources to which the rule will apply. If you do not add a source, the default entry of ANY is used: the rule will apply to web requests from any source to which the policy applies.

    Click the Type or click to select field and begin typing to search for an available resource, or click a resource type to select available resources from a list. Repeat the process to add all required sources for the rule.

    You can click New to define a new resource.
    You can remove a resource from the rule by clicking the Remove button. To reset the source setting, click the Type or click to select field and click Set to ANY
  5. Click the Action setting to define the action applied to web requests that match this exception. Available actions are:
    • Allow and bypass: allows requests to the specified categories or URLs, and bypasses further policy processing stages. Traffic is not decrypted
    • Block: blocks requests to the specified categories or URLs
    • Continue inspection: allows requests to the specified categories or URLs, and continues with further policy processing stages. The request may subsequently be blocked by Threat Inspection or File Filtering rules.
  6. Set the TLS inspection setting to define whether secure (HTTPS) web requests that match this exception are decrypted for inspection:
    • Do not decrypt: secure (HTTPS) traffic will not be decrypted. This traffic cannot be inspected.
    • Decrypt: secure traffic will be decrypted for inspection. Decrypted traffic is re-encrypted before being routed to the Internet.
    • Default: the TLS inspection setting is inherited from the Default TLS inspection setting for the policy.
  7. When you have finished, click Save.