Globally Trusted URLs

HTTP > URL Access Control > Global Trusted URLs

You can exempt certain Web pages, domains, or URLs from scanning (for example, the local intranet). IWSVA will not check the contents of trusted URLs for viruses, malware, harmful ActiveX programs and Java applets, and such. Access to sites that are listed as "Trusted" are still subject to the access quota policy as well as both port and client IP-based Access Control Lists (ACLs).

• Enable Trusted URLs—Enables or disables URL trusting. Click Save to apply your setting change.

• Caution: When you select this option, the content of trusted URLs will not be filtered and scanned for viruses.

• Match—Enter an exact Web site, a keyword or phrase, or a string of characters in the field, and then configure IWSVA with how to apply the match. Trusted URLs support both the ? and * wildcards.

• Web site—Limits the search to the string as a whole; used with one or more wildcards, this type of trust can be especially useful for preventing access to entire Web sites not on the list, or explicitly allowing access to those on the list (such as the corporate intranet or Internet). There is no need to include http:// or https:// in the URL (as it is automatically stripped).

• String—Limits the search to the string as a whole, for example, to target a specific site, page, file, or other particular item.

• Note: For HTTPS decryption policies, the strings to match vary depending on whether you set IWSVA in the proxy or transparency modes.
   
  - In the proxy mode, IWSVA matches the domain names, not the full URL. Therefore, you only need to specify the domain names.
  
  - In the transparency mode, IWSVA matches the CommonNames in the server certificates received.

• Trust (button)—Clicking this button after entering a string or Web site to match adds it to the Do Not Scan list.

• Do Not Trust (button)—Clicking this button after entering a string or Web site to match adds it to the "Exception to the Trusted URL List."

• Import Trusted List and Exceptions—In this field, you can import an existing list of URLs that you want block or exempt from filtering. For example, if you have a list of URLs from Trend Micro's Web console, or a list of sites you have compiled using a text editor, you can import the list rather than enter them one-by-one in the Match field. Import lists must conform to a defined standard.

• Do Not Scan These URLs—IWSVA includes a default list of trusted URLs. By default, IWSVA scans trusted URLs. You can change this behavior by selecting the Enable Trusted URLs check box.

• Exceptions to the Trusted URL List—This list contains URLs that have related counterpart URLs in the Do Not Scan These URLs list. For example, domain.com could be listed in the Do Not Scan These URLs list but shopping.domain.com can be the exception to domain.com and therefore listed in the Exceptions to the Trusted URL List.