Configuring exclusions in traffic processing rules
December 13, 2023
Prior to creating exclusions for CONNECT requests, make sure that you have enabled decryption of TLS/SSL connections. Otherwise, encrypted connections will not be scanned by the Anti-Virus and Anti-Phishing modules. This could lead to infection of users' computers.
To configure exclusions for CONNECT requests in traffic processing rules:
- In the application web interface, select the Rules section.
- Select the Access tab.
- Select the rule for which you need to correctly display the block page or redirect the user.
The View rule page opens.
- Click Edit.
The Edit rule page opens.
- Select the Exclusions tab.
- Click + Add exclusion.
- If you want to add an exclusion only for users that satisfy the defined criteria, in the Initiator settings group click + Rule criteria and specify the necessary criteria.
If criteria are not defined, the exclusion is applied to all users.
- In the Traffic filter settings group, click + Rule criteria.
- In the drop-down list that appears on the left, select HTTP Method.
- In the drop-down list on the right, select CONNECT.
- Click Save.
The exclusion is now configured. The application will not scan HTTP messages that contain the CONNECT method.