Home > Security and SD-WAN > Content Filtering and Threat Protection > Content Filtering Rule Priority

Content Filtering Rule Priority

Table of contents
No headers

There are a number of different ways on the MX to use content filtering to block or allow access to websites. In circumstances where different filtering options contradict one another, the following priority applies (from highest to lowest priority):

  1. Blocked and whitelisted URL patterns.

  2. Content filtering rules applied via Group Policy (using Active Directory or otherwise)

  3. Global content filtering rules.


Practically speaking, with these rules in mind, consider the following best practices for content filtering design:

  • Global content filtering rules should be designed as the "default" network experience.
  • Group Policies should be used to create a "custom" network experience for users, which can be made either more or less restrictive than the default.
  • URL patterns should be used to append or whitelist a specific URL from the configured blocked categories.

Layer 3/7 firewall rules supersede content filtering rules. Best practice is to only use content filtering for controlling web traffic, and reserve firewall rules for other applications.


Last modified



This page has no classifications.

Explore the Product

Click to Learn More

Article ID

ID: 1363

Explore Meraki

You can find out more about Cisco Meraki on our main site, including information on products, contacting sales and finding a vendor.

Explore Meraki

Contact Support

Most questions can be answered by reviewing our documentation, but if you need more help, Cisco Meraki Support is ready to work with you.

Open a Case

Ask the Community

In the Meraki Community, you can keep track of the latest announcements, find answers provided by fellow Meraki users and ask questions of your own.

Visit the Community