Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
240
Views
0
Helpful
1
Replies

bypassed URLs in Umbrella

Go to solution
SecSuperAdmin
Level 1
Level 1

‎11-18-2025 01:09 AM

Hi, 

Where we can check the bypassed domains and URLs in Umbrella. 

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Royalty
Spotlight
Spotlight

‎11-18-2025 04:12 AM - edited ‎11-18-2025 04:13 AM

Hi @SecSuperAdmin,

There can be multiple ways to check 'bypassed' domains/URLs in Umbrella depending on the subscription and which type of bypass. Just to clarify, a few different types of exceptions/bypasses:

  • Umbrella Internal Domains (Bypass both DNS lookups AND Web Proxying. Yes, it does the same thing as External Domains + the added functionality of bypassing DNS queries, so all Internal Domains are inherently External Domains too. There is no way to exempt DNS lookup redirection without also bypassing the proxy for the given domain) (All licenses)
  • Umbrella External Domains (Bypass just Web Proxying) (SIG-Essentials, SIG-Advantage)
  • Umbrella Selective Decryption List (Still proxy, but do NOT decrypt, inspect and re-sign the certificate) - (All licenses, but use case differs, e.g. in DNS can only specify categories for exemption, whereas Web Proxy can do specific domains and content categories)
  • Destination List (Still proxy and inspect but allow the site (no block page)

Q: How to check bypassed Internal Domains/URLs in Umbrella:

  • A: Go to dashboard.umbrella.com and go to Deployments > Configuration > Domain Management > Internal Domains.
  • There is no way to search from within the dashboard but you can set the 'Results per page' to 1000 and use CTRL+F to search

Q: How to check bypassed External Domains/URLs in Umbrella:

  • A: Go to dashboard.umbrella.com and go to Deployments > Configuration > Domain Management > External Domains.
  • There is no way to search from within the dashboard but you can set the 'Results per page' to 1000 and use CTRL+F to search

Q: How to check bypassed Domains/URLs from decryption and inspection (Selective Decryption List) in Umbrella:

  • A: Go to dashboard.umbrella.com and go to Policies > Policy Components > Selective Decryption List. 
  • There is no way to search through the dashboard so you would have to expand each SDL that has been created and view the categories, applications and/or specific domains listed.

Q: How to check Domains/URLs on the generic allow list  (Destination List) in Umbrella:

  • A: Go to dashboard.umbrella.com and go to Policies > Policy Components > Destination List.
  • You cannot search for specific URL entries but you can search for comments. If you have been adding URLs/Domains you could add a comment with the same name as the domain and then you only need to search on comments.
    • You would also need to find the policy that is referencing the destination list in order to know whether or not the destination list is actually being applied and who it is applied to.

 

If you have a large number of destination lists and need to find specific URLs/domains within them then you would probably find using API calls quite useful:

Umbrella API Authentication - Cloud Security API - Cisco DevNet

You can also use other methods to check the External/Internal Domains list but it depends on your Umbrella deployment method. For example, if you are using PAC files you can check the exception list there. If you're using the Cisco Secure Client you can check the SWGConfig.json files and whitelist.txt files in the sub-folders within ProgramData.

If you have any further questions just ask

View solution in original post

0 Helpful
1 Reply 1

Go to solution
Royalty
Spotlight
Spotlight

‎11-18-2025 04:12 AM - edited ‎11-18-2025 04:13 AM

Hi @SecSuperAdmin,

There can be multiple ways to check 'bypassed' domains/URLs in Umbrella depending on the subscription and which type of bypass. Just to clarify, a few different types of exceptions/bypasses:

  • Umbrella Internal Domains (Bypass both DNS lookups AND Web Proxying. Yes, it does the same thing as External Domains + the added functionality of bypassing DNS queries, so all Internal Domains are inherently External Domains too. There is no way to exempt DNS lookup redirection without also bypassing the proxy for the given domain) (All licenses)
  • Umbrella External Domains (Bypass just Web Proxying) (SIG-Essentials, SIG-Advantage)
  • Umbrella Selective Decryption List (Still proxy, but do NOT decrypt, inspect and re-sign the certificate) - (All licenses, but use case differs, e.g. in DNS can only specify categories for exemption, whereas Web Proxy can do specific domains and content categories)
  • Destination List (Still proxy and inspect but allow the site (no block page)

Q: How to check bypassed Internal Domains/URLs in Umbrella:

  • A: Go to dashboard.umbrella.com and go to Deployments > Configuration > Domain Management > Internal Domains.
  • There is no way to search from within the dashboard but you can set the 'Results per page' to 1000 and use CTRL+F to search

Q: How to check bypassed External Domains/URLs in Umbrella:

  • A: Go to dashboard.umbrella.com and go to Deployments > Configuration > Domain Management > External Domains.
  • There is no way to search from within the dashboard but you can set the 'Results per page' to 1000 and use CTRL+F to search

Q: How to check bypassed Domains/URLs from decryption and inspection (Selective Decryption List) in Umbrella:

  • A: Go to dashboard.umbrella.com and go to Policies > Policy Components > Selective Decryption List. 
  • There is no way to search through the dashboard so you would have to expand each SDL that has been created and view the categories, applications and/or specific domains listed.

Q: How to check Domains/URLs on the generic allow list  (Destination List) in Umbrella:

  • A: Go to dashboard.umbrella.com and go to Policies > Policy Components > Destination List.
  • You cannot search for specific URL entries but you can search for comments. If you have been adding URLs/Domains you could add a comment with the same name as the domain and then you only need to search on comments.
    • You would also need to find the policy that is referencing the destination list in order to know whether or not the destination list is actually being applied and who it is applied to.

 

If you have a large number of destination lists and need to find specific URLs/domains within them then you would probably find using API calls quite useful:

Umbrella API Authentication - Cloud Security API - Cisco DevNet

You can also use other methods to check the External/Internal Domains list but it depends on your Umbrella deployment method. For example, if you are using PAC files you can check the exception list there. If you're using the Cisco Secure Client you can check the SWGConfig.json files and whitelist.txt files in the sub-folders within ProgramData.

If you have any further questions just ask

0 Helpful
Customers Also Viewed These Support Documents