Example: logging URLs accessed by internal users with a Protocol Agent

Company B has decided to track which webpages the employees visit. In addition to logging the connections, the administrators also want to log URLs.

An Access rule allows all outbound connections from the internal networks to the Internet, regardless of the service. The administrators decide to add the HTTP Protocol Agent in a Continue rule.

The administrators:
  1. Add the Continue rule above the existing Access rule, as follows.
    Source Destination Service Action
    Internal Networks Expression “NOT Local Protected Sites” “HTTP (with URL Logging)” default Service Continue
    Internal Networks Expression “NOT Local Protected Sites” ANY Allow
    Note: Using the “NOT Local Protected Sites” expression requires the Alias “Local Protected Sites” to be configured with a translation value for the engine.
  2. Refresh the engine’s policy.