Question
In the Web log viewer, there is an option to add the URL from the Web log entry to a choice of URL Lists. This allows it to be 'blocked' or 'allowed' according to the Security Policy configured by the end-user.
How does this option work? Not all the customer defined URL lists are displayed in the URL drop-down list, why is this?
Answer
The "Add to URL list" feature works as follows:
The URL lists displayed in the drop-down menu are the URL lists used by the end user's Security Policy.
The logic behind this feature is that if the administrator wishes to block or allow a certain URL entry from the Web Logs, it must be done in accordance with the end user's Security Policy (not according to other URL lists being used by other security policies not related to this specific end user.)
For example:
The Finjan Medium Security Policy was applied to a specific user and the administrator concludes that this URL should be allowed for this security policy.
In order to do so, the administrator must add the URL entry from the Web log to one of this security policy's URL white lists.
In the Finjan Medium Security Policy there are 7 URL lists in use:
Customer Defined Black List and URL Black List (Medium): Used by rule #5, "Block Access to Blacklisted Sites"
Allowed Large Download Sites, Trusted Sites and URL Bypass List (Medium): Used by rule #8, "Allow Trusted Sites"
Customer Defined White List and URL White List (Medium): Used by rule #25, "Allow Access to White Listed Sites"
After clicking on "Add to URL list" these URL lists are indeed listed:
This is the reason that not all URL lists will be displayed in the drop-down menu, but only according to the context of this Web log / URL entry and the security policy of the end user.
Software Version
Versions 9.0 and 9.2
- This article applies to:
- NG 1000
- NG 5000
- NG 6000
- NG 8000
- This article was previously published as:
- Finjan KB 1929