You can have IWSVA block certain Web pages, domains, and URLs from scanning.
URL blocking is not policy based—it affects everyone in the organization.
One especially powerful use for URL blocking is to combat a sudden Internet
threat such as a DoS attack or a new Internet worm. You can quickly create
a rule to stop the threat from spreading or hijacking client machines.
URL
Keyword—Looks for any occurrence of the letters or numbers within
a URL, and will match regardless of where the string is found (the string
"sex" would be considered a match for "http://www.encyclopedia/content/sexton.htm"
and the page blocked. Using wildcards with URL Keywords greatly increase
the chance of false positives.
String—Limits
the search to the string as a whole; for example, to target a specific
site, page, file, or other particular item.
Note:
For HTTPS decryption policies, the strings to match vary depending
on whether you set IWSVA in the proxy or transparency modes.
- In the proxy mode, IWSVA matches the domain names, not the full URL.
Therefore, you only need to specify the domain names.
- In the transparency mode (WCCP or bridge mode), IWSVA matches both
the CommonNames
and URLs. You must include these in the blocking list if you want to block
an HTTPS site.
Import
Block List and Exceptions—You can import an existing list of URLs
that you want to block or exempt from filtering. For example, if you have
a list of URLs from a third-party vendor, Web Manager, or related software
program, or a list of sites you have compiled using a text editor, you
can import the list rather than enter them one-by-one in the Match
field. Imported lists must conform
to a defined standard.
