Skip to content
The XG Series hardware appliances will reach end-of-life (EOL) on March 31, 2025. Click here to see the XG to XGS migration documentation.

Modify rules and policies from Log viewer

You can edit web policies, NAT and firewall rules, and IPS policies from the Log viewer as follows:

  • Exclude a website or web category from decryption:

    1. Select SSL/TLS inspection from the module drop-down menu.
    2. Scroll to the right to the Manage column and select Exclude.
    3. Select an option from the following list in the pop-up window and then select Exclude.

      • Subdomain or Domain: Domains and subdomains are added to the URL group Local TLS exclusion list.

        The list appears under Categories and websites in SSL/TLS inspection rules.

      • Web category: Web categories are added to the rule Exclusions by website or category.

        The list appears on the SSL/TLS inspection rules' list page.

      • Other properties: Select the SSL/TLS inspection rule to specify other objects, such as usernames and IP addresses.

    Note

    The Exclude option isn't shown for traffic with error IDs 19004 (allowed traffic) and 19005 (blocked by a web policy).

  • Remove a signature for an IPS policy: Click a signature ID and select Disable signature for this IPS policy.

  • Edit a rule or policy: When you click a web policy, NAT rule, or firewall rule, you can follow a link back to the web admin console to edit the policy or rule.

    Filter a NAT rule.