how to exempt user in application filter

Question

Hi, 
 I have XG310 with V18 Mr5, it is integrated with AD, i have created web policy to block social networking category and also created an application filter to block social networking category. 
 I created a firewall rule, check match user and add group in that rule, applied web policy and application policy. 
 now I want to allow temporary access to one user in that group?? can i make exemption of that user in web and application filter. 
 in webfilter i went to policy create a new rule for social networking and add that select that user and in action i turned it allow. 
 how can i make exempt that user from application filter ? in application filter i cant find any filed to choose user/group. please help me for this. 
 what is the order of policy execution in XG? if web and app filter is applied then which one will execute 1st? 
 regards,

Prism · Answer

You can create Firewall Rule based on Users/Groups, the same apply to Web Filtering. 
 But Application Filtering is applied directly to a Firewall Rule, in order to exempt a user from the application filter, you will have to create a secondary Firewall Rule on top of the current one with the custom Web/App Filtering - in the same Firewall Rule you will select the User or Group you want to exempt. 
 Madni Malik said: can i change the order of execution of policies?? like first of all web and then application filter will get executed??? 
 You can't, when a certain traffic matches a Firewall Rule, all further traffic will be processed by the same Firewall Rule. 
 This has been discussed in this thread.

rfcat_vk · Answer

With that meany users you are likely to have user groups and you can create firewall rules for user group access. 
 ian

how to exempt user in application filter

Top Replies