SonicOS 7.1 DPI-SSL

Configuring Exclusions and Inclusions by CFS Category

You can exclude or include entities by content filter categories.

To specify CFS category-based exclusions/inclusions

  1. Navigate to the POLICY | DPI-SSL > Client SSL.
  2. Click CFS Category-based Exclusions/Inclusions.

    The status of the list is shown by an icon at the top of the view. A green icon indicates Content Filtering is licensed, a red icon that it is not.

  3. Select the Action to be set for the categories:

    • Exclude (default)
    • Include
  4. Do one of the following:

    • Select the categories to be included or excluded.

      By the default, all categories are unselected.

    • Click Select all Categories to select all categories.
  5. Repeat the steps 3 and 4 to create the opposite list if required.

    For example, if categories are set for Exclude action in previous steps, you can set the categories for Include action in this step. This step is not applicable if Select all Categories option is set in previous step.

  6. Select the Exclude connection if Content Filter Category is not available to exclude a connection if the content filter category information for a domain is not available to DPI-SSL.

    In most cases, category information for a HTTPS domain is available locally in the firewall cache. When the category information is not locally available, DPI-SSL obtains the category information from the cloud without blocking the client or server communication. In rare cases, the category information is not available for DPI-SSL to make a decision. By the default, such sites are inspected in DPI-SSL.

  7. Click Accept.

Was This Article Helpful?

Help us to improve our support portal

Techdocs Article Helpful form

  • Hidden
  • Hidden

Techdocs Article NOT Helpful form

  • Still can't find what you're looking for? Try our knowledge base or ask our community for more help.
  • Hidden
  • Hidden