This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

In addition to Web Exceptions, do you need a corresponding Firewall Rule with Web malware and content scanning disabled?

Greetings, I've been finding that when setting up web exceptions that they do not work. I then have to go create a FQDN Host Group with FQDN hosts that match my Web Exceptions rule, then create a Firewall policy above my existing policy that bypasses Web malware and content scanning. Lastly, I have to add the FQDN Host Group to the Sandstorm (ATP) Network / Host Exception area as well. Why would this be? Should the web exception be enough? Am I doing something wrong? All the syntax is correct in the web exception.

This thread was automatically locked due to age.

Parents

0 AndersK over 6 years ago

Hi, it should not be necessary to create additional firewall rules or FQDN Host Groups for the web exception to work. Can you post a screenshot of the web exception and firewall rule?

Below are two examples of web exception I'm using to skip HTTPS decryption.
Cancel
Vote Up 0 Vote Down

Cancel
0 MrMojoRisin76 over 6 years ago in reply to AndersK

So with the Firewall rule below, the Exception I've created should work and the sites in the exception list will bypass the firewall web policy settings?
Cancel
Vote Up 0 Vote Down

Cancel
0 AndersK over 6 years ago in reply to MrMojoRisin76

Your web exceptions should work. I tried "Skip HTTPS decryption" with ^([A-Za-z0-9.-]*\.)?ct\.gov/? on https://portal.ct.gov site and that worked. What is the issue on the client?
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 AndersK over 6 years ago in reply to MrMojoRisin76

Your web exceptions should work. I tried "Skip HTTPS decryption" with ^([A-Za-z0-9.-]*\.)?ct\.gov/? on https://portal.ct.gov site and that worked. What is the issue on the client?
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data