Home > Security Appliances > Content Filtering and Threat Protection > Content Filtering Rule Priority

Content Filtering Rule Priority

Table of contents
No headers

There are a number of different ways on the MX to use content filtering to block or allow access to websites. In circumstances where different filtering options contradict one another, the following priority applies (from highest to lowest priority):

  1. Blocked and whitelisted URL patterns.

  2. Content filtering rules applied via Group Policy (using Active Directory or otherwise)

  3. Global content filtering rules.

 

Practically speaking, with these rules in mind, consider the following best practices for content filtering design:

  • Global content filtering rules should be designed as the "default" network experience.
  • Group Policies should be used to create a "custom" network experience for users, which can be made either more or less restrictive than the default.
  • URL patterns should be used to append or whitelist a specific URL from the configured blocked categories.

Note: Layer 3/7 firewall rules supersede content filtering rules. Best practice is to only use content filtering for controlling web traffic, and reserve firewall rules for other applications.

 

For additional information on content filtering and group policies, please refer to the following articles:

You must to post a comment.
Last modified
15:01, 29 Jun 2015

Tags

Classifications

This page has no classifications.

Article ID

ID: 1363

Contact Support

Most questions can be answered by reviewing our documentation, but if you need more help, Cisco Meraki Support is ready to work with you.

Open a Case