Assigning actions to web categories

Forcepoint Web Security Cloud uses the Forcepoint URL Database to categorize websites. This database is the industry’s most accurate, current, and comprehensive classification of URLs. A combination of proprietary classification software and human inspection is used to categorize and maintain URLs to ensure protection against today’s blended threats. Content is sourced by our ThreatSeeker Intelligence network, global researchers around the globe, and customer submissions.

In web protection policies, each URL database category is associated with an action. The action tells the policy how to respond to user requests for websites in that category.

The available actions are:

  • Allow access: Ensures that websites within the category are always accessible.
  • Do not block: The website is not blocked as part of this category, but can be blocked if it exists in another category that has the Block access action assigned.
  • Require user authentication: Users must identify and authenticate themselves in order to access the site. This ensures that administrators can monitor who is accessing sites in the category.
  • Confirm: Users receive a block page that prompts them to confirm that the site is being accessed for business purposes. Users who click Continue can access the site.
  • Use Quota: Users receive a block page that asks them whether to use quota time to view the site. Users who click Use Quota Time can view the site for a predefined period.
  • Block access: Users cannot access the site unless it also exists in another category that has been assigned the Allow access action.

In addition to assigning actions to categories, you can define whether or not encrypted websites within a category are decrypted for analysis. Depending on your account, this may allow:

  • HTTPS traffic to be inspected to ensure the correct notification or authentication page is delivered to the end user
  • HTTPS traffic in categories that you specify to be analyzed for malware and other threats.

To enable SSL decryption, switch the toggle at the top of the Web Categories tab to ON. Next, specify categories to be decrypted for analysis.

To view the current categories for a policy, click the Web Categories tab.