Video Screencast Help

How pass SWG filter of whole domains "edu.tw"

Created: 13 Dec 2009 • Updated: 12 Jul 2010 | 1 comment
Gary Jiang's picture

Hi
I want pass domains "edu.tw" filter in SWG. I tried add "edu.tw" in policies --> whitelist page, but I still got block message from SWG. Please tell me how to do?

I have capture screens in below, I hope pass whole edu.tw domains, even they are spyware site.

thank you,

pic1.jpg

pic2.jpg

Discussion Filed Under:

Comments 1 CommentJump to latest comment

KevK76's picture

Hi Gary,

As you alluded to, it doesn't appear that you can add a full domain to the Whitelist, and that you can only add a host name or IP to be added.

I've been able to achieve what I believe you want and I think using a safer method.  I used the Blacklist functionality to do this(FYI Blacklist is a bit decieving as it can be used to allow access to custom sites).  Here is what I did:

1. When logged into the SWG go to the Blacklist page under Policies.  Add a Blacklist entry and set to 'Block by URL' and set '*.edu.tw' as the domain(you can enter edu.tw as the name and description of the Blacklist entry as well).  Set the severity to Minor and Category to 'Custom Restricted List 1'.

2. Open up your policies(the only downside here is that you will need to do this for all group policies) and make sure Spyware Category is higher up in your policy list than Spware Severity and Detection Type(it should be by default and this sets Spyware Category with higer precedence).  Click the 'Add Category' button beside Spyware Category.  Select the 'Custom Restricted List 1' and set the action to Monitor and Save the policies.

This should now give you users access to the all edu.tw sites and the bonus here is that if users try to download anything from these pages they will still be scanned by the Symantec AV Engine(this wouldn't have happened if you could have added the full site to the Whitelist).

Think that should sort you out.

Cheers,

Kevin