Allow some HTTPS traffic to bypass scanning

This rule set allows web requests sent to the configured domains, hosts, WebEx servers, or Citrix servers to bypass HTTPS scanning and go directly to the internet.

When these rules are applied to a web request and the request is allowed, all further rule processing stops.

Note: From this rule set, you can open and configure the HTTPS Connection and Certificate Verification Options features.

Task

  1. From the MVISION Cloud navigation bar, select PolicyWeb PolicyPolicy.
  2. In the policy tree, select HTTPS ScanningHTTPS Connection Options.
  3. Optionally configure criteria to limit the scope of this rule set.
  4. Select the HTTPS connection rules that you want enabled. When selected, the rules:
    • Do not HTTPS Scan these domains or hosts — Allows web requests sent to the domains or hosts in this list to bypass filtering.
    • Do not HTTPS Scan WebEx Servers — Allows web requests sent to the WebEx server IP ranges in this list to bypass filtering.
    • Do not HTTPS Scan Citrix Servers — Allows web requests sent to the Citrix server IP ranges in this list to bypass filtering.
    Note: Traffic sent to WebEx and Citrix servers is preconfigured to bypass HTTPS scanning, because it can't be scanned as web traffic. These settings can't be changed.
  5. Configure the lists associated with the rules as needed.

Results

Changes to the policy tree, rule sets, or rules are automatically saved. You can publish them to the cloud now or keep working and publish later.