I've decided to give my nervous system a rest by blocking frivolous social networking sites (I realize this could be considered redundant).
My approach, originally, was to create a web category limited to social networking
...then update the relevant web filter action to block this category...
This seems pretty straightforward. The problem is, it doesn't work. I can get through to Facebook every time.
Checking the Policy Helpdesk, it confirms that Facebook is allowed despite the site being clearly identified as under the new Social Networking category.
The principal problem is, in the above Policy Helpdesk check, the web call is considered under the base policy instead of the policy I desired associated with my user. This circumvents all of my customized policies. I'm missing something here; it's just not clear to me what it is.
Looking at the Web logs on the UTM I see that Facebook calls are categorized under both "Content Server" and "Social Networking" but both are allowed with the above rules in place. This is because my specific profile is being ignored and the base profile is being used, but why?
My work-around:
By creating a Web Application Rule to block Social Media, I can get the desired functionality, though I'm not happy with this solution.
I've been confused by the prioritization of overlapping UTM rule sets before; this is just one more example.
The Policy Helpdesk now shows the site being blocked, as do my web browser and mobile apps.
Can someone help me figure out why the Web Filter Action fails to do what I think it should?
Much thanks,
Doug