Web Filter Policies Best Practice?

Question

Hey, 
 I am having trouble with web filter policies and had a few questions about them. 
 1.What is the best way to decide on whether to have the default action of a policy to be allow or deny? 
 2. I want to make an policy that only allows gmail and google drive and a few other sites. So should i make the default policy block and create a separate category for the sites that i need and allow that only? 
 3. How are sites that dont belong to a category handled by the firewall? Do they fit in a category or are they allowed or blocked? 
 4. If custom categories are made then those categories have to be allowed for all other policies on the firewall if the default action is blocked for a certain policy is this the way it is supposed to work?

lferrara · Answer

Tom, 
 if your goal is to allow only few sites, the best thing you can do is to create a Web Profile, where you add only the required categories (or create a new one) and then edit the default action to "block". 
 You can also use URL group and add them to your Web Policy. If the sites are not categorized correctly, report them to Sophos website https://secure2.sophos.com/en-us/support/contact-support.aspx or use URL group. 
 Regards

lferrara · Answer

Tom, 
 you can block "uncategorized" categories using uncategorized category. 
 Regards

Aditya Patel · Answer

Hi Tom, 
 None category: Websites that does not belong to any of the listed categories. 
 Uncategorized: Websites cannot be categorized due to a connectivity issue with Webcat service. 
 Best practice allow 'uncategorized' and block 'none' categories.