Home > Security Appliances > Content Filtering and Threat Protection > URL Blocking and Whitelisting Patterns

URL Blocking and Whitelisting Patterns

Table of contents
No headers

This article focuses on the Content Filtering feature of the Meraki MX Security Appliance. This feature is important because it can be utilized to control the type of content can be reached on the Internet. This is key when an administrator would like to limit the type of content his/her clients can reach.

Operation:

Meraki MX Security Appliances integrate with Bright Cloud website reputation categories to group certain types of websites. When a user sends a HTTP request out to a website, the traffic will pass through the MX. The MX will try to match the URL against whitelisted/blocked URL rules and then against blocked categories. If there is a match, the MX will apply the correct rule to the client (i.e. forward the traffic out or send a block redirect page to the client). 

Category blocking will block all the websites that contain that type of content. URL blocking will block the URL specifically, ranging from the website as a whole, or specific parts of a website. More information on this can be found under the MX Content Filtering page.

Example Configuration:

In the above example, any content that relates to government will be blocked because the 'Government' category is selected. There is also a Whitelist entry. Whitelisted URL's will be permitted before they are blocked by the Category. In this case, when a client sends a packet matching the URL of "whitehouse.gov/blog", the packet will be forwarded out allowing the user to reach that website even though the 'Government' category is blocked.

Although the URL "whitehouse.gov/blog" can be reached, the client will only be able to reach that URL. If the user tries to reach any other portion of the site that does not begin with that URL, they would be blocked. When very specific URLs are blocked (i.e. more specific than whitehouse.gov), it is advised to test the ability to reach the website. Other portions of that website may be stored in other areas of the web server, and this will cause the page to appear as broken.

You must to post a comment.
Last modified

Tags

Classifications

This page has no classifications.

Explore the Product

Click to Learn More

Article ID

ID: 1498

Explore Meraki

You can find out more about Cisco Meraki on our main site, including information on products, contacting sales and finding a vendor.

Explore Meraki

Contact Support

Most questions can be answered by reviewing our documentation, but if you need more help, Cisco Meraki Support is ready to work with you.

Open a Case

Ask the Community

In the Meraki Community, you can keep track of the latest announcements, find answers provided by fellow Meraki users and ask questions of your own.

Visit the Community