Create a Group FQDN Filter Profile

Use the following procedure to create a group FQDN filter profile with at least two standalone profiles:

Procedure

Step 1

Navigate to Policies > Profiles > FQDN Filtering.

Step 2

Click Create.

Step 3

Provide a unique Name.

Step 4

(Optional) Enter a Description. This may help differentiate between profiles that may have a similar name.

Step 5

Specify the Type as Group.

Step 6

Select an initial standalone profile (at least one standalone profile is required).

Step 7

Click Add FQDN Profile to create a new row for additional profiles.

Step 8

Select a standalone profile.

Step 9

Specify the policy Action for uncategorized FQDNs.

Step 10

Specify the policy Action for ANY FQDNs (default).

Step 11

(Optional) Specify the Decryption Exception for uncategorized or ANY if decryption is not desired or possible. Possible reasons for considering decryption exception include:

  • Desire to not inspect encrypted traffic (financial services, defense, health care, etc.).

  • SSO authentication traffic where decryption is not possible.

  • NTLM traffic that cannot be proxied.

Step 12

Click Save.

What to do next

Attach the profile to a policy rule set. See Rule Sets and Rule Set Groups for more information.