An L7 Access Profile can contain multiple entries with different attribute types: APP ID, URL category, custom URL, and URL reputation. This is used for URL filtering in a Gateway Firewall rule, in the profile field.
Layer 7 access profile has a default entry, and a user can add more entries above the default entry. Entries in the profile are evaluated in the listing order, and action is taken upon the first match.
- Select .
- Select the L7 Access Profiles tab and click Add L7 Access Profile.
- Enter a Profile Name, and optional Description.
- In the Attributes column, click Set.
- Click Add Attribute Type, and select one or more attributes from the drop-down menu:
Attribute Type Attribute Value App ID - over 750 To view available App IDs, scroll down the list, or select App IDs. URL Category - 80+ categories including social media, banking, phishing, etc. Select one or more URL categories by scrolling down the list. Custom URL - with regular expression For more details see Custom URLs. URL Reputation Choose one or more of these reputations: High Risk, Suspicious, Moderate Risk, Low Risk, Trustworthy, Unknown
- Select the rule action.
- Allow - allows matched traffic.
- Reject - rejects matched traffic.
- Reject with Response - rejects and sends the client the response page. This option is not available for the App ID attribute type. Navigate to Reject with Response message.
The Reject with Response page is sent only for http traffic. The response page will contain the URL (first 10 bytes show), Category, Source IP and message-text. Enter the message for the Reject with Response page. Click Preview Page to view the page that will be sent when access to a URL is blocked by a policy.
to view and customize the
- By default, logging is turned off. Toggle the button to activate logging.
- By default the entry is turned on. Toggle the button to deactivate the entry.
- Click Add.
- Click Apply.