On the firewall, you can use a URL Filtering profile
to specify how you would like to enforce URL categories. By default,
site access for all URL categories is set to allow when you
create
a new URL Filtering profile. This means that the users will
be able to browse to all sites freely and the traffic is not logged.
Customize the URL Filtering profile by deciding what type of
Site
Access
you want to enforce for each category. To
prevent
credential phishing, you can also allow or disallow
User
Credential Submissions
based on URL category (for example,
you can block user credential submissions to medium and high-risk
sites). Users can still access these sites, but cannot enter submit
their corporate credentials to them.