We'd love to hear about it! Click here to go to the product suggestion community
I was trying to test a firewall rule setup for an XG user, where the setup advised that the URL already existed. So I look for the URL groups and only find the ones I created prior to V18 EAP and the TLS groups. Where are all the other URL groups hidden?
can you share a picture?
In reply to lferrara:
is this what you are looking for?
That is all there is except for the SSL/TLS ones above.
In reply to rfcat_vk:
Maybe the setup meant "web exception list?" Did you check over there?
I had not created an exception for that site prior to trying to test blocking it.
I am unclear what the problem is, can you explain?
The URL Groups have not moved.
Are you saying that some you created in 17.5 went missing on upgrade?
In reply to Michael Dunn:
All the default URL groups are no longer shown. In URL groups there were lists of sites under groups that you could modify to build your own url group, that feature is missing.
Here is my test.
Install a v17 box fresh and look at the URL groups:
Upgrade the box to v18 and look at the URL groups:
The URL group that comes out-of-the-box "Blocked URLs for Default Policy" is still there.
Are you experiencing something different?
Or did you mean something different?
maybe I am having a senior's moment, but I definitely recall there were lists of websites under various URL groupings like P2P, Sexually explicit, VPNs etc that you could copy and modify the contents of to make your own version. While I can build a verb policy using categories I have no way of identifying what sets are in that category. Yes, I known the list is too big and is now maintained in a central site.
You may be thinking of User Activities
There are about 85 distinct categories in XG. It is unwieldy to manage all of those in policies so categories get combined up to form "User Activities". File types can also be included in user activities. There are 20 pre defined user activities.
Or potentially you are thinking of application policy. There is a massive list of applications, most of which are identified by snort and some by the web proxy. You can configure specific applications to be blocked or use filters to say things like "all P2P" and then as more P2P applications get added to the signature database they are automatically handled by the policy.
Neither of these have fundamentally changed since... v16 I think.
Thank you. s I said a senior's moment, looking in the wrong place.