Cisco Cisco Web Security Appliance S190 Guía Del Usuario
9-11
AsyncOS 9.1.1 for Cisco Web Security Appliances User Guide
Chapter 9 Classify URLs for Policy Application
Filtering Transactions Using URL Categories
•
Exceptions to Blocking for Embedded and Referred Content
A Website may embed or refer to content that is categorized differently than the source page, or that is
considered an application. By default, embedded/referred content is blocked or monitored based on the
action selected for its assigned category or application, regardless of how the source Website is
categorized. For example, a News site could contain content, or a link to content, that categorized as
Streaming Video and identified as being the application YouTube. According to your policy, Streaming
Video and YouTube are both blocked, while News sites are not.
considered an application. By default, embedded/referred content is blocked or monitored based on the
action selected for its assigned category or application, regardless of how the source Website is
categorized. For example, a News site could contain content, or a link to content, that categorized as
Streaming Video and identified as being the application YouTube. According to your policy, Streaming
Video and YouTube are both blocked, while News sites are not.
Note
Requests for embedded content usually include the address of the site from which the request originated
(this is known as the “referer” field in the request’s HTTP header). This header information is used to
determine categorization of the referred content.
(this is known as the “referer” field in the request’s HTTP header). This header information is used to
determine categorization of the referred content.
You can use this feature to define exceptions to the default actions for embedded/referred content; for
example, to permit all content embedded in or referred to from News Websites, or from a custom
category representing your intranet.
example, to permit all content embedded in or referred to from News Websites, or from a custom
category representing your intranet.
Note
Referer-based exceptions are supported only in Access policies. To use this feature with HTTPS traffic,
before defining exceptions in Access policies, you must configure HTTPS decryption of the URL
Categories that you will select for exception. See
before defining exceptions in Access policies, you must configure HTTPS decryption of the URL
Categories that you will select for exception. See
for additional
information about using this feature with HTTPS decryption.
Step 1
On the URL Filtering page for a particular Access Policy (see
), click Enable Exceptions in the Exceptions to Blocking for Embedded/Referred
Content section.
Step 2
Click the Click to select categories link in the Set Exception for Content Referred by These Categories
column, opening the URL filtering category referral-exception selection page.
column, opening the URL filtering category referral-exception selection page.
Step 3
From the Predefined and Custom URL Categories lists, select the categories for which you wish to define
this referral exception, then click Done to return to the URL Filtering page for this Access Policy.
this referral exception, then click Done to return to the URL Filtering page for this Access Policy.
Step 4
Choose an exception type from the Set Exception for this Referred Content drop-down list:
•
All embedded/referred content – All content embedded in and referred from sites of the specified
category types is not blocked, regardless of the categorization of that content.
category types is not blocked, regardless of the categorization of that content.
•
Selected embedded/referred content – After choosing this option, select specific Categories and
Applications that are not blocked when originating from the specified URL categories.
Applications that are not blocked when originating from the specified URL categories.
•
All embedded/referred content except – After choosing this option, all content embedded in and
referred from sites of the specified category types is not blocked, except those URL categories and
applications you now specify here. In other words, these types will remain blocked.
referred from sites of the specified category types is not blocked, except those URL categories and
applications you now specify here. In other words, these types will remain blocked.
Step 5
Submit and Commit Changes.