FAQ

What is "True Policy Denied"?

FAQ ID:    FAQ360
Version:    1.0
Status:    Published
Published date:    08/12/2009
 

Answer

Starting in SGOS 5.3 and later, Blue Coat introduced a new feature named "True Policy Denied".  The true policy denied category is the actual category or categories which triggered the policy deny.  The ProxySG now has a way to identify to Blue Coat Reporter the category or categories which can be reliably claimed as the reason for a policy decision.  That is done by adding a new field to the main access log

The new category substitution is: $(exception.category). This provides a method for the ProxySG to identify to Blue Coat Reporter the category or categories as the reason for a policy decision. The Reporter main access log format includes the new x-exception-category field.

Using $(exception.category) in Exception Page returns the category name which match the rule hit in policy. You may refer to KB1313 for "Creating custom exception pages in the ProxySG".

Example of true policy deny with Peer-to-Peer as the reason for the denial:

URL: http://thepiratebay.org/
BCWF Categories: Spyware/Malware Sources, Peer-to-Peer (P2P), Hacking, and Adult/Mature Content
VPM Rule:
Web Access Layer
Source: "ANY"  Destination: "BCWF Category: Peer to Peer (P2P)"  Action: "Return Exception"

Result from browser Exception page:
$(url) value: http://thepiratebay.org/
$(cs-category) value: Adult/Mature Content
$(cs-categories) value: Adult/Mature Content;Hacking;Spyware/Malware Sources;Peer-to-Peer (P2P)
$(exception.category) value: Peer-to-Peer (P2P)

 


Rate this Page

Please take a moment to complete this form to help us better serve you.

Did this document help answer your question?
 
 
If you are finished providing feedback, please click the RATE CONTENT button. Otherwise, please add more detail in the following text box and then click RATE CONTENT.
 
 

Your response will be used to improve our document content.

Ask a Question