(1) Check the URL filter is work or not
Add a new website of “www.baidu.com” at URL blacklist, and active it. then make test that access the baidu website. The result is the baidu website can’t be access, and user get a page show this website has been blocked by URL.
(2) Compare the different between facebook and baidu.
On the blacklist of URL, we edit this two website as same form:
Check the browser for this two website, we can find that the protocol of facebook is https, and baidu is http.
(3) Currently, URL filtering can filter HTTP and HTTPS URL requests. For HTTPS traffic, a proxy policy with the action of SSL decryption is required. URL filtering is performed for decrypted HTTPS traffic.
(4) Configure an untrusted SSL decryption certificate.
(5) Download the SSL decryption certificate to the user’s terminal, then active it.
(6) Import the CA certificates of the certificate authorities that the enterprise trusts.
(7) Specify the CA certificate used by the FW to verify the server certificate.
(8) Configure a proxy policy to decrypt HTTPS traffic.
(9) make test again at user’s terminal, the terminal will not be allowed to access facebook again.
(1)Configure a proxy policy with the action of SSL decryption.
(2)Choose the "Application" feature to control the user's bebavior.