Versions Compared

Old Version 22

changes.mady.by.user Gary Leicht

Saved on

compared with

New Version Current

changes.mady.by.user Gary Leicht

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  • Category Filter: Select this rule to add a category filter to the policy. Category filters are content categorization rules that allow you to detect and filter internet content and traffic that you want to allow or block. +:
    • OBJECT: From the OBJECT menu, select a category filter from among the available  options.  Click Select to add the category filter to the policy. 

    • ACTION: From the ACTION menu, select an action type for the category filter to be added to your security policy. Action types include the following:   

      • Allow - No Log: Allows filtering of categories without logging of responses. Events will not be displayed in Security Activity reports.

      • Allow - With Log: Allows filtering of categories with logging of responses.

      • Block - No Redirect: Blocks filtering of categories when no redirection is used.

      • Block - Default Redirect: Blocks filtering of categories when the default redirect is used.

      • Block - Redirect: Blocks filtering of categories when a custom redirect is used.

      • Block (No Log) - No Redirect: Blocks filtering of categories when no redirect is used. Events will not be displayed in Security Activity reports.

      • Block (No Log) - Default Redirect: Blocks filtering of categories when using the default redirect. Events will not be displayed in Security Activity reports.

      • Block (No Log) - Redirect: Blocks filtering of categories when using a redirect. Events will not be displayed in Security Activity reports.

...

You can also add a custom application filter by selecting New Filter from the Choose Application Filter menu. To create your custom application filter, you must provide a name for the custom application list; a description is optional.
For more information, see Creating Application Filters.

  • TagsTag: Select this rule to add a tag to the policy. Tags allow you to assign rules to objects in a security policy that allow you to detect and filter internet content and traffic that you want to allow or block based on the tag For security policies, tags consists of a name, an action, and a scope. Complete the following to add a tag to a security policy: 

    • OBJECT: An object is composed of three parts: KEY, VALUE, and SCOPE.   From the OBJECT menu, select a KEY, VALUE, and SCOPE for the tag. All three components of the tag object must be specified when it is created. 

    • ACTION: From the ACTION menu, select an action type for the tag to be added to your security policy. Action types include the following:   

      • Allow - No Log: Allows filtering of tags without logging of responses. Events will not be displayed in Security Activity reports.

      • Allow - With Log: Allows filtering of tags with logging of responses.

      • Allow - Local Resolution: Allows filtering of tags when local on-prem relocation is used.

      • Block - No Redirect: Blocks filtering of tags when no redirection is used.

      • Block - Default Redirect: Blocks filtering of tags when the default redirect is used.

      • Block - Redirect: Blocks filtering of tags when a custom redirect is used.

      • Block (No Log) - No Redirect: Blocks filtering of tags when no redirect is used. Events will not be displayed in Security Activity reports.

      • Block (No Log) - Default Redirect: Blocks filtering of tags when using the default redirect. Events will not be displayed in Security Activity reports.

      • Block (No Log) - Redirect: Blocks filtering of tags when using a redirect. Events will not be displayed in Security Activity reports.

Precedence order considerations when defining a policy-based on tags: If the Default Global Policy has higher precedence than a custom policy having network scopes defined based on tags, then the Default Global Policy will continue to work because its precedence is higher than the custom policy. For a custom policy having network scope defined based on tags to work, it should have higher precedence than the Default Global Policy.
For information on applying tags to BloxOne Infoblox Threat Defense objects, see Applying Tags.

...

4. Click Next in the wizard to add bypass codes. For more information, see Adding Bypass Codes to a Security Policy.

Precedence Order

Warning
titleWarning

Application filtering: When Local On-prem Resolution is enabled, application filters take priority when executing rules governing precedence order. 

The recommended precedence order for executing rules in a security policy , from highest to lowest order of precedence, is as follows:  

1. Custom Lists
2. Feeds
3. Threat intelligenceInsight
4. Category Filters
5. Default

While the above precedence order is recommended, the decision of precedence order is determined by the organization. When creating rules for a security policy, do keep precedence order in mind. 

...