Example: Discarding connections when URL categorization is not available

In this example, a company is using category-based URL filtering and wants to block traffic that cannot be categorized.

When URL categorization is not available, it might be possible for users to access URLs that are usually blocked. To prevent users from accessing potentially harmful URLs, the administrators want to discard connections to external servers that cannot be categorized.

Note: Depending on the matching criteria in the Access rules, discarding connections when URL categorization is not available might block all HTTP and HTTPS traffic.

The administrators:

  1. Add the following type of Access rule after the rules that apply category-based URL filtering.
    Table 1. Rule to discard connections that cannot be categorized
    Source Destination Service Action
    Internal Network element Not Internal expression Data Provider Error URL Category Discard
    Tip: If the engine detects that it cannot connect to ThreatSeeker, all URLs match the Data Provider Error URL Category.
  2. Save and install the policy.