Configuring exceptions to Content Gateway analysis

Scanning exceptions are lists of trusted or untrusted sites (hostnames and URLs) that are never analyzed or always analyzed. The type of analysis to never or always perform is specified per hostname or URL, or group of hostnames and URLs.

You can also create a list of trusted client IP addresses whose content is never analyzed.

For an introduction to scanning options, see Content Gateway Analysis.

Use the Always Scan and Never Scan lists to refine the behavior of content categorization, tunneled protocol detection, security threats (content analysis and file analysis), and content stripping.

• When Content Categorization, Content Security, or File Analysis options are On, sites on the Always Scan list are always analyzed, and sites on the Never Scan list are never analyzed (see Configuring Content Gateway analysis).
• When the Tunneled Protocol Detection option is On or Aggressive analysis is selected, sites on the Never Scan list are never analyzed.

Use the Never Scan list with caution. If a site on the list is compromised, Forcepoint Web Security does not analyze the site and cannot detect the security problem.