Content Gateway filtering rules
Content Gateway lets you create rules that inspect requests for certain parameters and, when a request matches, apply a specified action. Rules can be created to:
- Deny or allow URL requests
- Insert custom headers
- Allow specified applications, or requests to specified websites, to bypass user authentication
- Keep or strip header information from client requests
- Prevent specified applications from transiting the proxy
Note: To create rules for IWA, NTLM, and LDAP user authentication, see Rule-Based Authentication. To get started with Content Gateway user authentication options, see Content Gateway user authentication.
Use the
tab to create and modify filtering rules. Rules are stored in the filter.config file.
- Rules are applied in the order listed, top to bottom. Only the first match is applied. If no rule matches, the request proceeds.
- Secondary specifiers are optional. More than one secondary specifier can be used in a rule. You cannot, however, repeat a secondary specifier.
- Three filtering rules are configured by default. The first denies traffic on port 25 to all destinations. The second and third bypass user authentication for connections to 2 Forcepoint Advanced Malware Detection destinations.
- When Authentication bypass is enabled on the page of the Forcepoint Security Manager, appropriate rules are added to filter.config.
After adding, deleting, or modifying a rule, restart Content Gateway. See filter.config for information about the structure of stored rules.
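Because only the first match is applied and a secondary specifier cannot be repeated, a rule list is worth reviewing for both problems before restarting. The following Python sketch is an added example, not Forcepoint code: it assumes a simplified `key=value` rule layout with `dest_domain`, `port`, `method` and `action` fields, and the sample rules are constructed. It flags repeated specifiers and rules that can never fire because an earlier rule already matches everything they would.

```python
# Constructed sample rules in an assumed, simplified "key=value" layout (one rule per line).
SAMPLE_RULES = """\
dest_domain=example.test port=25 action=deny
dest_domain=files.example.test method=post action=deny
dest_domain=mail.example.test port=25 method=get action=allow
dest_domain=example.test port=80 port=8080 action=allow
"""

def parse_rules(text):
    """Return (rules, errors); rules with a repeated specifier are rejected."""
    rules, errors = [], []
    for n, line in enumerate(text.splitlines(), 1):
        pairs = [tok.split("=", 1) for tok in line.split() if "=" in tok]
        if not pairs or line.lstrip().startswith("#"):
            continue
        keys = [k for k, _ in pairs]
        dupes = sorted({k for k in keys if keys.count(k) > 1})
        if dupes:
            errors.append((n, "repeated specifier: " + ", ".join(dupes)))
            continue
        fields = dict(pairs)
        rules.append({"line": n, "domain": fields.pop("dest_domain"),
                      "action": fields.pop("action"), "secondary": fields})
    return rules, errors

def in_domain(host, domain):
    """True if host equals domain or is a subdomain of it."""
    return host == domain or host.endswith("." + domain)

def first_match(rules, request):
    """Apply rules top to bottom; None means no rule matched and the request proceeds."""
    for r in rules:
        if in_domain(request["host"], r["domain"]) and all(
                str(request.get(k)) == v for k, v in r["secondary"].items()):
            return r
    return None

def shadowed(rules):
    """Pairs (later_line, earlier_line) where the later rule can never be the first match."""
    out = []
    for i, later in enumerate(rules):
        for earlier in rules[:i]:
            # The earlier rule covers the later one if its domain is broader or equal
            # and every secondary specifier it sets is set identically in the later rule.
            if in_domain(later["domain"], earlier["domain"]) and all(
                    later["secondary"].get(k) == v
                    for k, v in earlier["secondary"].items()):
                out.append((later["line"], earlier["line"]))
                break
    return out
```

On the sample, line 3's allow rule is reported as shadowed by line 1, so a port 25 request to `mail.example.test` is still denied; moving the narrower rule above the broader one changes the outcome.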