This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Unexpected Web Filter Profile Use

I have endpoints in a network group in a web profile that are hitting the default web profile. Specifially, I have endpoints in a host group called Recruiter TLS Inspection that is in Standard mode that have hosts hitting the Default Web Filtering Profile that is in Transparent mode. Not all requests are hitting the default profile. I have our LAN network in the allowed networks for the Default Web Filter Profile. Have I misconfigured something or is this expected behavior that I'm ignorant of?



This thread was automatically locked due to age.
Parents
  • 1) Transparent Mode profiles will also act as Standard Mode profiles, so it is important that the Standard-Mode-only profiles have higher priority.   Since you see intermittent results, this is probably not the cause.   But since it is not well documented, it is worth mentioning.

    2) In my network, there is a lot of web traffic that is not generated by a web browser, and consequently does not use the system proxy.  Windows Update, Adobe Updater, Java Updater, Antivirus updater, Fat-Client applications based on web technology, and probably some others that escape my recollection.   The non-browser web traffic worked out to about 50% of my total web traffic.   Ever since that study, I have been using Standard Mode with A/D SSO, and Transparent Mode with No Authentication.    I would expect that you have similar applications, and they are causing your mixed-mode results.

Reply
  • 1) Transparent Mode profiles will also act as Standard Mode profiles, so it is important that the Standard-Mode-only profiles have higher priority.   Since you see intermittent results, this is probably not the cause.   But since it is not well documented, it is worth mentioning.

    2) In my network, there is a lot of web traffic that is not generated by a web browser, and consequently does not use the system proxy.  Windows Update, Adobe Updater, Java Updater, Antivirus updater, Fat-Client applications based on web technology, and probably some others that escape my recollection.   The non-browser web traffic worked out to about 50% of my total web traffic.   Ever since that study, I have been using Standard Mode with A/D SSO, and Transparent Mode with No Authentication.    I would expect that you have similar applications, and they are causing your mixed-mode results.

Children