- The Policy is created similar to the Firewall policy: allow specific connections through, followed by a cleanup drop rule.
- The category "Web Browser" allows / drops the traffic that is matched to that rule.
The Policy is designed to be written as a Cleanup "Any Any Allow", as opposed to an "Any Any Drop"
Web Browser category is meant to allow/block certain browsers. If policy allows everything from that category, then every connection made from the browsers listed will be allowed, and no other rules below will be followed. Same concept applies if policy is set to "Drop".
Follow these steps in SmartDashboard:
- Change the Application & URL Filtering Policy, so that you have "Drop" rules are located above the Cleanup "Allow" rule.
- Modify the Application & URL Filtering Policy, so that the "Web Browser" category is used correctly (as explained in the "Cause" field), or remove it from the Policy, altogether.
- Install policy on Security Gateway.
This solution has been verified for the specific scenario, described by the combination of Product, Version and Symptoms. It may not work in other scenarios.