How to create custom CFS categories (5.8 and above)

03/26/2020 1,088 People found this article helpful 505,927 Views

Description

CFS: How to create custom CFS categories (5.8 and above)

Resolution

CFS Custom Categories enable you to override global CFS database ratings. This helps in scenarios where a category is blocked (or allowed) but certain sites falling within that category needs to be allowed (or blocked). By re-categorizing the sites to an allowed (or blocked) category would help you allow (or block) the sites in question, instead of creating Allowed / Forbidden domains. CFS Custom Category is a global CFS settings applicable for both CFS via User and Zone Screens and CFS using App Rules.

This article describes the method to configure Custom Categories.

Video Tutorial: Click here for the video tutorial of "How to create CFS Custom Category"

In the example below we re-categorize mail.google.com and www.cnn.com, which are rated by the global CFS ratings as Category 30: E-Mail and Category 33: News and Media to Category 27: Information Technology/Computers.

1. Login to the SonicWall Mangement GUI
2. Navigate to Security Services > Content Filter.
3. Check the box under Enable CFS Custom Category.
4. Click on Accept at the top or bottom of the page to save.

5. Click on Add under CFS Custom Category to bring up the Edit CFS Local Rating window.
6. Enter the following information in the window:

Name: A name for this setting.
Category: Select a category for the sites. In this example, Category 27: Information Technology/Computers.
Content: Enter mail.google.com and www.cnn.com and click on Add after each for the list box to populate.

7. Click on OK to save the settings.

Note:

All subdomains of the domain entered are affected. For example, entering “google.com” applies to “mail.google.com”, hence it is not necessary to enter all FQDN entries for subdomains of a parent domain.
If Enable HTTPS Content Filtering is enabled, this is applicable to both HTTP and HTTPS traffic.

How to Test:

Create a CFS policy (either CFS via User and Zone Screens or using App Rules.

Select Category 30: E-Mail and Category 33: News and Media for blocking.

Do not select Category 27: Information Technology/Computers.

Try to access mail.google.com or www.cnn.com. You will be able to access both.

Alternatively create a policy with Category 30: E-Mail and Category 33: News and Media allowed.

Block Category 27: Information Technology/Computers for

Try to access mail.google.com or www.cnn.com. You will be blocked with the following message in the logs: