Skip to content

Add a rule to a web policy

You can add rules to web policies and specify activities, content filters, and constraints.

To add a rule to a policy, do as follows:

  1. Click Add rule. The firewall creates a default rule at the top of the rule hierarchy that blocks all HTTP traffic for all users. The rule is off.
  2. Specify users.

    1. In the new rule, move the pointer over the Users field, click the user (“Anybody”), and click Add new item.
    2. Clear the Anybody check box.
    3. Select users.
    4. Click Apply selected items.

      Select users and groups.

  3. Specify activities and content filters.

    1. Move the pointer over the Activities field, click the activity (All web traffic), and click Add new item.
    2. In the Activities tab, clear the All web traffic check box.
    3. Select activities.
    4. Click Apply selected items.
    5. Click the Content filters tab and select the and with content check box.
    6. Click Add new item and select filters.
    7. Click Apply selected items.
  4. Specify an action to take when the firewall encounters HTTP traffic that matches the selected criteria.

    1. Move the pointer over the Action field and click the action indicator.

      Select the action for HTTP traffic.

    2. Select an option.

      Name Description
      Allow HTTP Allow HTTP traffic that matches the selected criteria.
      Warn HTTP Display a warning message when encountering HTTP traffic that matches the selected criteria.
      Block HTTP Block HTTP traffic that matches the selected criteria.
      Quota HTTP Allows users to select the duration in which to access a website that matches the selected criteria or to stop accessing it. Users can select up to the time quota you set for the web policy.
  5. To specify an action to take for HTTPS traffic, move the pointer to the right of the HTTP action list and select an option from the HTTPS action list.

    Select the action for HTTPS traffic.

    Name Description
    Use action

    Always applies the HTTP action.

    All web traffic: You can select a different HTTPS action.

    Content filters: You can't change this selection. The firewall always applies the same action to HTTP and HTTPS traffic that matches the content filters.

    Allow HTTPS Allows HTTPS traffic that matches the selected criteria.
    Warn HTTPS Shows a warning message when encountering HTTPS traffic that matches the selected criteria.
    Block HTTPS Blocks HTTPS traffic that matches the selected criteria.
    Quota HTTPS Allows users to select the duration in which to access a website that matches the selected criteria or to stop accessing it. Users can select up to the time quota you set for the web policy.
  6. Move the pointer over the Constraints field and select a schedule or create a new one.

  7. Click and drag the rule handle to position the rule in the hierarchy.

    Position the rule.

    The firewall evaluates rules from highest to lowest. For example, if a rule that allows all traffic precedes a rule that blocks a specific type of traffic, the rule that allows all traffic is the effective rule.

  8. Click the Status switch to turn the rule on.

    Turn on the rule.

  9. Click Save.