Using Filters

You can use category filters and application filters to create rules that control Internet content that users and applications can access. After you create filters, you must add them to a security policy for the filtering rules to take effect.

In category filters, each filtering category contains sub-categories that further define the respective content. When configuring a category filter, you can add as many categories and sub-categories as you need. For example, if you want Infoblox Threat Defense to detect and block internet content related to tobacco and alcohol, you select and add all relevant sub-categories. You can then add the category filter to your security policy and assign the Block action to deny access to corresponding content. Although you cannot view or configure the predefined domains that are associated with the sub-categories, you can set the Block, Allow, Log, or Redirect action when you add the category filter to the security policy. For information about security policies, see Configuring Security Policies.

Application filters are rules that Infoblox Threat Defense uses to provide accessibility or restriction to applications based on the selected category or subcategory. Using application filters, you can set security policies based on whether you want to allow an application to access the Internet at all times, or if you want the application to use local resolution when used with Universal DDI appliances. 

To use filters in security policies, complete the following:

1. Create a category filter, as described in Creating Category Filters.
   or
   Create an application filter, as described in Creating Application Filters
   
2. Add the category filter to the security policy, as described in Configuring Security Policies.

To use application filters with local on-prem resolution, see local on-prem resolution.