URL Filtering Profile Actions
The URL Filtering profile specifies web access and credential submission permissions for each URL category. By default, site access for all URL categories is set to allow when you Create a new URL Filtering profile. This means that the users will be able to browse to all sites freely and the traffic will not be logged. You can customize the URL Filtering profile with custom Site Access settings for each category, or use the predefined default URL filtering profile on the firewall to allow access to all URL categories except the following threat-prone categories, which it blocks: abused-drugs, adult, gambling, hacking, malware, phishing, questionable, and weapons.
For each URL category, select the User Credential Submissions to allow or disallow users from submitting valid corporate credentials to a URL in that category in order to Prevent Credential Phishing. Managing the sites to which users can submit credentials requires User-ID and you must first Set Up Credential Phishing Prevention. URL categories with the Site Access set to block are automatically set to also block user credential submissions.
Learn more about configuring a best practice URL Filtering profile to ensure protection against URLs that have been observed hosting malware or exploitive content.
The website is allowed and a log entry is generated in the URL filtering log.
The website is allowed and no log entry is generated.
The website is blocked and the user will see a response page and will not be able to continue to the website. A log entry is generated in the URL filtering log.
Blocking site access for a URL category also sets User Credential Submissions for that URL category to block.
The user will be prompted with a response page indicating that the site has been blocked due to company policy, but the user is prompted with the option to continue to the website. The continue action is typically used for categories that are considered benign and is used to improve the user experience by giving them the option to continue if they feel the site is incorrectly categorized. The response page message can be customized to contain details specific to your company. A log entry is generated in the URL filtering log.
The Continue page doesn’t display properly on client systems configured to use a proxy server.
The user will see a response page indicating that a password is required to allow access to websites in the given category. With this option, the security admin or helpdesk person would provide a password granting temporary access to all websites in the given category. A log entry is generated in the URL filtering log. See Allow Password Access to Certain Sites.
The Override page doesn’t display properly on client systems configured to use a proxy server.
The none action only applies to custom URL categories. Select none to ensure that if multiple URL profiles exist, the custom category will not have any impact on other profiles. For example, if you have two URL profiles and the custom URL category is set to block in one profile, if you do not want the block action to apply to the other profile, you must set the action to none.
Also, in order to delete a custom URL category, it must be set to none in any profile where it is used.
User Credential Permissions
Allow users to submit corporate credentials to sites in this URL category, but generate a URL Filtering alert log each time this occurs.
Allow users to submit corporate credentials to websites in this URL category.
Block users from submitting corporate credentials to websites in this category. A default anti-phishing response page is displayed to users when they access sites to which corporate credential submissions are blocked. You can choose to create a custom block page to display.
Display a response page to users that prompts them to select Continue to access to access the site. By default, the Anti Phishing Continue Page is shown to user when they access sites to which credential submissions are discouraged. You can also choose to create a custom response page to display—for example, if you want to warn users against phishing attempts or reusing their credentials on other websites.
Prevent Credential Phishing
Prevent Credential Phishing Phishing sites are sites that attackers disguise as legitimate websites with the aim to steal user information, especially the credentials that provide ...
Credential Phishing Prevention
Credential Phishing Prevention Phishing sites are sites that attackers disguise as legitimate websites with the aim to steal user information, especially the user credentials that ...
URL Filtering Categories
URL Filtering Categories Objects > Security Profiles > URL Filtering > Categories The following table describes URL filtering category settings. Categories Settings Description Category In ...
URL Filtering Response Pages
URL Filtering Response Pages The firewall provides three predefined response pages that display by default when a user attempts to browse to a site in ...
Configure URL Filtering
Configure URL Filtering After you Determine URL Filtering Policy Requirements , you should have a basic understanding of what types of websites and website categories ...
URL Categories Each website defined in the URL filtering database is assigned a URL category. Here are a few ways to leverage URL categories: Block ...
Set Up Credential Phishing Prevention
Set Up Credential Phishing Prevention After you have decided which of the Methods to Check for Corporate Credential Submissions you want to use, take the ...
Device > Response Pages
Device > Response Pages Custom response pages are the web pages that display when a user tries to access a URL. You can provide a ...
User Credential Detection
User Credential Detection Objects > Security Profiles > URL Filtering > User Credential Detection Enable the firewall to detect when users submit corporate credentials. The ...