Recommended URL/SSL filter profiles
| Policy section | Description | URL categories | Recommended operations | |||
|---|---|---|---|---|---|---|
| "permissive" profile | "standard" profile | "restrictive" profile | URL filtering | SSL filtering | ||
| 1 - Compromised URLs |
Category that groups malicious URLs, and which Stormshield's security teams continuously update. |
compromised_urls |
Block | Block without decrypting | ||
| 2 - Always block |
Illegal, dangerous and violent content |
phishing malware untrusted fraud spam pua miner c&c homograph drugs hacking hate illegal illegalactivities narcotics narcoticsgeneral marijuana maturecontent piracy porn sexualcontent suicide weapons |
"permissive" + profile
malware-hd gambling nudity sextoys sexualeducation onlinedating occult |
"standard" + profile
tabloids timewasters alcohol tobacco webproxy ads im lingerie games astrology filesharing travel religion hobbies entertainment |
Block | Block without decrypting |
|
3 - Always pass, never decrypt (GDPR) |
Content that requires the protection of user data (banking, healthcare, etc.) |
pharmacy health financial webmail portals |
pharmacy health financial webmail |
Pass | Pass without decrypting | |
| 4 - Always pass, can be decrypted | Content relating to the organization's business sector and which users require for work |
privateipaddress searchengines government education business
+ according to business sector (examples): auto news food travel ... |
privateipaddress searchengines government business |
privateipaddress |
Pass | Decrypt |
| 5 - Block recommended | Content that should be blocked, but without preventing users from visiting websites that fall under "Always pass" sections |
alcohol tobacco malware-hd gambling nudity sextoys timewasters webproxy sexualeducation onlinedating occult |
tabloids timewasters alcohol tobacco webproxy ads im lingerie games astrology filesharing travel religion hobbies entertainment |
Block | Block without decrypting | |
| 6 - Pass recommended | Content that should be allowed, so that users are not prevented from browsing the Internet. Some categories can also be allowed only during specific time slots (social media during lunch break, for example). |
unknown misc computerandsoftware hosting videos advice blogs tabloids ads socialnetworks society sports realestate |
unknown misc computerandsoftware hosting |
unknown misc computerandsoftware hosting government searchengines business |
Pass | Decrypt |
| 7 - Pass (Any) | Action applied to any website that has not been categorized by previous rules |
Any |
Any |
Any |
Pass except for the "restrictive" profile: Block |
Decrypt except for the "restrictive" profile: Block without decrypting |
| - | Other available categories |
astrology entertainment filesharing travel games hobbies im jobsearch kids lifestyle lingerie onlinepay photosonline onlineshop pets radiomusic religion |
advice blogs auto food education news jobsearch kids lifestyle onlinepay photosonline onlineshop pets portals radiomusic realestate socialnetworks society sports videos |
advice blogs auto food education news jobsearch kids lifestyle onlinepay photosonline onlineshop pets portals radiomusic realestate socialnetworks society sports videos pharmacy health financial webmail |
- | - |