What is "True Policy Denied"?
Starting in SGOS 5.3 and later, Blue Coat introduced a new feature named "True Policy Denied". The true policy denied category is the actual category or categories which triggered the policy deny. The ProxySG now has a way to identify to Blue Coat Reporter the category or categories which can be reliably claimed as the reason for a policy decision. That is done by adding a new field to the main access log
The new category substitution is: $(exception.category). This provides a method for the ProxySG to identify to Blue Coat Reporter the category or categories as the reason for a policy decision. The Reporter main access log format includes the new x-exception-category field.
Using $(exception.category) in Exception Page returns the category name which match the rule hit in policy. You may refer to KB1313 for "Creating custom exception pages in the ProxySG".
Example of true policy deny with Peer-to-Peer as the reason for the denial:
Result from browser Exception page:
Rate this Page
Please take a moment to complete this form to help us better serve you.