This is expected behavior. If you would like to stop requests to denied sites, see ProxySG is requesting resources for denied sites.
Suppose you have a bad site, such as following:
2009-06-25 06:56:19 1 10.21.62.174 ISUSMCD cn=BlueCoat_Download,ou=Applications,ou=GROUPS,o=osr policy_denied DENIED "Adult/Mature Content;Personals/Dating" - 403 TCP_DENIED GET - http www.oogle.com.au 80 / - - "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30; .NET CLR 3.0.04506.648)" 10.31.5.10 910 646 - |
This was caught and categorized correctly. However, if you take a look at this:
2009-06-25 06:56:20 542 10.21.62.174 ISUSMCD cn=BlueCoat_Download,ou=Applications,ou=GROUPS,o=osr - OBSERVED "none" http://www.oogle.com.au/ 404 TCP_NC_MISS GET text/html;%20charset=iso-8859-1 http www.oogle.com.au 80 /blocked_files/osr_logo.gif - gif "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30; .NET CLR 3.0.04506.648)" 10.31.5.10 785 439 - |
It's the same server, but the category is none and the URL was allowed.
The behavior of BCWF/WebPulse is expected.
Using policy, you can decide how the proxy handles URLs that are categorized as none.