Enabling Risk-based URL Filtering
Filter URLs in the Internet Threat Protection (ITP) policy settings in SonicWall Cloud Secure Edge (CSE)
Risk-based URL Filtering Overview
Risk-based URL filtering allows admins to inspect host URLs (i.e., to determine threats associated with URLs and block or allow access accordingly). Admins enable Risk-based URL Filtering on an Internet Threat Protection (ITP) policy in the CSE Command Center.
URL exceptions and explicit URL blocks are no longer configured inside Risk-based URL Filtering. They are configured in the consolidated Domain & URL Bypass and Domain & URL Blocking fields on the ITP policy itself. See Manage Internet Threat Protection (ITP) Policies for the current flow. Existing URL Allowlist and Explicit URL Blocking entries were migrated automatically when the consolidated fields shipped.
Pre-requisites
- mac or Windows device (not available for Linux or Chromebook)
- SIA advanced license
- ITP policy associated with your device
- Desktop app version v3.26.0 or later
- SSL decryption is turned on in the ITP policy’s Assignment progression. Risk-based URL Filtering is unavailable when SSL decryption is off.
Steps to Configure Risk-based URL Filtering
Step 1: Navigate to URL Filtering in an ITP Policy
1.1 Navigate from Internet Access > Internet Threat Protection, and select an existing ITP policy.
1.2 Under the Filtering and Exceptions tab, navigate to URL Filtering.
Step 2: Enable Risk-based URL Filtering
2.1 Toggle on Risk-based URL Filtering.
Note: Only those URLs which are not already explicitly blocked by Category, Domain, and Application Filtering or enabled Threat Protections will be inspected.
Step 3: Add bypasses or blocks for specific URLs
URL bypasses and URL blocks are configured on the parent ITP policy in the consolidated Domain & URL Bypass and Domain & URL Blocking fields, not inside Risk-based URL Filtering. SSL decryption must be on for URL entries to be enforced.
- To bypass a URL from Risk-based URL Filtering (and every other ITP block rule), add the URL to Domain & URL Bypass on the ITP policy. See Step 3.3 of the ITP creation flow.
- To explicitly block a URL, add the URL to Domain & URL Blocking on the same policy. See Step 3.2 of the ITP creation flow.
Note: Bypasses are processed before any block rule, including Risk-based URL Filtering. See How ITP rules are processed for the full evaluation order.