I was accessing a website and a warning page from the XGS (running current XG 18.5 MR1) popped up warning that the website was blocked because it was Information Technology. This was very puzzling since I had specifically eliminated Information Technology as a filter.
I poked around in the XGS and found nothing. Then poked around in Intercept X (via Sophos Central) to see if I'd perhaps blocked Information Technology there. I tested the URL in Policy Test and it was allowed, I think. (Though I lost track of tests and modifications over time, so I could be wrong on this one.) After quite some time, I finally figured out what was going on, and basically the warning was justified, but it was not because the site was Information Technology.
So a warning to admins: the reason listed on the warning page may be misleading.
Originally, Information Technology was grouped into a User Activity (was it Suspicious or Risky Downloads?) and I felt that other entries in the group were justified, but not Information Technology. So I deleted it from the UA group. Perhaps XG still thinks it's in there for message-generating purposes. Or perhaps a reverse lookup lists that URL as being in Information Technology and that's the best that can be done at message-generation time.
In fact, the site was blocked by being in the Blocked URLs for Default Policy URL group, which is referenced from a Web Policy.
So this might be considered a bug report, though it might be very hard to fix it. Mostly a warning to admins: a URL might be Web filtered due to local or unique policies/groups and misattributed to an activity that you have modified.
This thread was automatically locked due to age.