Lesson 9: Managing URLs with exceptions

Learn how to create an exception that blocks access to a specific URL, even though the URL is in a category permitted by current policies.

If you need to block a specific website in a permitted category (for example, because of misuse), you can create an exception to block just that URL, while continuing to permit the category in your policies.

Both Super Administrators and delegated administrators with appropriate permissions can create exceptions.

  • By default, exceptions created by Super Administrators take precedence over delegated administrator exceptions.
  • When Super Administrators create an exception, they can specify whether to allow delegated administrator exceptions to take priority over that exception.

See the Administrator Help for details about exception precedence.

Exercise: Create an exception to block or grant access to a URL

  1. Go to the Policy Management > Exceptions page.
  2. Under the Exceptions list, click Add.
  3. On the Add Exception page, enter a unique, meaningful Name to identify the exception.
  4. Click in the URLs box, then type in the URL that you want to block or permit (for example, blogger.com).

    If you create an exception for more than one URL, enter each URL on a separate line.

  5. To identify which clients the exception applies to, select an option appropriate to your administrative role.

    Super Administrators can select:

    • Global, meaning all clients in all roles
    • All clients in a role, then select a role from the drop-down list
    • Specific clients in any role, then select, search, or browse to identify users, groups, OUs, or IP addresses.
    Delegated administrators can select:
    • All managed clients in this role
    • Specific clients in this role, then select, search, or browse to identify users, groups, OUs, or IP addresses assigned to their role.
  6. By default, the exception Type is Block. Accept this option, or select Permit to grant access to the specified site for the clients you selected.
  7. By default, the exception is set to Never expire. If you instead select the After radio button next to Expires, you are given the option to enter an expiration date.

    After an exception expires, it is no longer applied to client requests. It remains in the list on the Exceptions page, however, until you delete it. This gives you the option to reactivate an exception by changing its expiration date.

  8. By default, the exception State is set to Active, meaning that it will start being applied to requests as soon as you cache and save your changes.

    If you are not ready to use the exception, clear the check box.

  9. Click OK to cache your changes and return to the Exceptions page, then click Save and Deploy to implement your changes.

You have completed the Policy Management section of this quick start tutorial. If you have reporting permissions, continue with Reporting.

If you do not have reporting permissions, see Where Do I Go Next? for additional resources.