Adding large number of Domains to Edge SWG (ProxySG) to be used in allow or block lists
Article ID: 171810
Updated On:
Products
ProxySG Software - SGOS
Issue/Introduction
Adding large number of Domains to Edge Secure Web Gateway (ProxySG) to be allowed or blocked (used as Allow or Block list).
Resolution
Adding Multiple Domains in Edge SWG quickly can be made possible either using CPL or VPM or CLI (To Add CPL in Local File)
Below Example is for "Block_list" where Action will be "DENY", if you would like to have an "Allow_list", you can just change Action to "ALLOW"
(1) Using CPL Code to add in Proxy Local Policy File
;===================================================== condition=Block_list Deny define url.domain condition Block_list domain1.com domain2.com IP_ Address1 IP_Address2 ... end ;==============================================================
(2) Using VPM
- Go to "Configuration > Policy > Visual Policy Manager > Create Web Access Layer or Add Rule in Existing Web Access Layer"
- Select "Source": Select "Any" or "Group" or "Client IP"
- Select desired "Destination": Select Set > New > Request URL Category > Policy > Create New Category (Give it Name) > Copy paste List of Domains & IP Addresses
- Set Action either ALLOW or DENY based on your requirements.
(3) Using CLI [ Recommended to Add in Local policy and not in VPM]
Blue Coat SG-S400 Series#(config)inline policy local eof; Note you can change "eof" with any name to start and end with same name. condition=Block_list Deny define url.domain condition Block_list domain1.com domain2.com IP_ Address1 IP_Address2 ... end eof Blue Coat SG-S400 Series#(config)
Feedback
Yes
No
Powered by
