LevelBlue Named Official Cybersecurity Advisor of the PGA of America. Learn more

LevelBlue Named Official Cybersecurity Advisor of the PGA of America. Learn more

Services
Cyber Advisory
Managed Cloud Security
Data Security
Managed Detection & Response
Email Security
Managed Network Infrastructure Security
Exposure Management
Security Operations Platforms
Incident Readiness & Response
SpiderLabs Threat Intelligence
View All Services
Solutions
BY INDUSTRY
BY REGULATION
BY TOPIC
Offensive Security
Solutions to maximize your security ROI
Operational Technology
End-to-end OT security
Microsoft
Unlock the full power of Microsoft Security
Securing the IoT Landscape
Test, monitor and secure network objects
Why LevelBlue
About Us
We reduce cyber risk and build resilience
Awards and Accolades
The most recognized cybersecurity leader
LevelBlue SpiderLabs
Elite global threat experts and intelligence
PGA of America Partnership
Cybersecurity at the championship level
Secure What's Next
Future-proof your organization
LevelBlue Security Operations Platforms
Unprecedented security visibility and control
Security Colony
Cybersecurity threat protection resources
Partners
Microsoft
Unlock the full power of Microsoft Security
Technology Alliance Partners
Key alliances who align and support our ecosystem of security offerings
Register
Login
Resources
BLOGS
UPCOMING
MEDIA & ASSETS
NOTICES
HELP
Loading...
Loading...

LevelBlue Knowledge Base

Home » Knowledgebase » Legacy Products » Secure Web Gateway » Security Policies » FAQ: How does the "Add to URL List" feature work?

FAQ: How does the "Add to URL List" feature work?

Expand / Collapse
Show/Hide Article Tools


  • Question
    In the Web log viewer, there is an option to add the URL from the Web log entry to a choice of URL Lists. This allows it to be 'blocked' or 'allowed' according to the Security Policy configured by the end-user.

    How does this option work? Not all the customer defined URL lists are displayed in the URL drop-down list, why is this?

  • Answer
    The "Add to URL list" feature works as follows:
    The URL lists displayed in the drop-down menu are the URL lists used by the end user's Security Policy.
    The logic behind this feature is that if the administrator wishes to block or allow a certain URL entry from the Web Logs, it must be done in accordance with the end user's Security Policy (not according to other URL lists being used by other security policies not related to this specific end user.)

    For example:
    The Finjan Medium Security Policy was applied to a specific user and the administrator concludes that this URL should be allowed for this security policy.
    In order to do so, the administrator must add the URL entry from the Web log to one of this security policy's URL white lists.
    In the Finjan Medium Security Policy there are 7 URL lists in use:
    Customer Defined Black List and URL Black List (Medium): Used by rule #5, "Block Access to Blacklisted Sites"
    Allowed Large Download Sites, Trusted Sites and URL Bypass List (Medium): Used by rule #8, "Allow Trusted Sites"
    Customer Defined White List and URL White List (Medium): Used by rule #25, "Allow Access to White Listed Sites"
    After clicking on "Add to URL list" these URL lists are indeed listed:

    This is the reason that not all URL lists will be displayed in the drop-down menu, but only according to the context of this Web log / URL entry and the security policy of the end user.


  • Software Version
    Versions 9.0 and 9.2

    • This article applies to:
    NG 1000
    NG 5000
    NG 6000
    NG 8000
    This article was previously published as:
    Finjan KB 1929

    To contact LevelBlue about this article or to request support:

    Rate this Article:
         

    Add Your Comments


    Comment submission is disabled for anonymous users.
    Please send feedback to Trustwave Technical Support or the Webmaster    .


    Execution: 0.109. 8 queries. Compression Disabled.
    Powered by InstantKB.NET