URL Filtering vs SWG

Cirrostratus

May 09, 2016

Hi,

Thanks for answer. I know this Implementations guide but to be honest it's not very helpful to figure out how exactly Malware protection is working.

I assume you are referencing to Response Analytics object. That part I already figured out but I am still not sure how it's exactly working.

I assume that when this object is used then all responses from server are scanned? Or not really?

When using URL Category Lookup in GUI some lookups are returning additional Category - Analytics. This category is not listed in URL Categories. So my assumption was it's somehow related to Malware protection (or Real-Time classification - or maybe both?).

When checking logs for Per-Flow Policy execution I can as well see that some urls classified by Category Lookup object are returning additional category - recommend_to_scan (ID 199).

Now question is if only responses from urls with this additional category are in fact scanned or all responses?

If only responses with this category how to control if we would like to scan or not? Using some logic in Category Lookup object?

Another question is if there is any easy way to check which urls has Analytics category assigned? There is no way I can see via GUI (nothing in URL Categories list).

Yet another question is if there is a way to enable scanning for categories not assigned with Analytics category or for custom added categories?

Piotr

Forum Discussion

URL Filtering vs SWG

Recent Discussions

Background Tasks

APM with EntraID as idP / request signed

Should config via cli rather than gui?

APM Modern Customization - modify Header in user-common.js and form in user-logon.js

Which process is consuming higher CPU

Related Content

Filtering traffic based on client ip address and URL

Doing mTLS Authentication per URL

url redirect

URL Shortener

URL rewrite

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS