Gain visibility into web activity on your network to
inform your URL filtering policy requirements.
To first deploy URL filtering in your network,
we recommend that you start with a basic setup that’ll give you
visibility into web activity patterns while blocking confirmed malicious
content:
Start with a (mostly)
passive URL Filtering profile that alerts on most categories. This
gives you visibility into the sites your users are accessing, so
you can decide what you want allow, limit, and block.
- Block URL categories that we know are bad: malware, C2, and phishing.
Because
alerting on all web activity might create a large amount of log files,
you might decide you only want to do this as you’re initially deploying
URL Filtering.
At that time, you can also
reduce URL filtering logs by enabling the Log container
page only option in the URL Filtering profile so only
the main page that matches the category will be logged, not subsequent
pages/categories that may be loaded within the container page.