Solved: FMC URL filter rule priority

josef84 · ‎03-15-2024

Hello,

I have a situation where I have to create a URL filter, however, I'm not sure about the impact of the rule, or what order it should be processed in.

1. There are 3 URL's that need to be accessed by a group of networks, ONLY these networks can access these URL's. By creating this rule, all other networks will be implicitly denied access to the URL, correct?

2. I have other networks that still need HTTPS access to other sites, but not the 3 URL's, will these networks be unaffected by the previous rule at the top of my policy?

Thank you.

Rob Ingram · ‎03-15-2024

@josef84 no, you would need a rule to explictly deny traffic to those 3 URLs higher up in the ruleset to deny access.

If you create a rule for a group of networks to access those 3 URLs, those networks would match that rule, any other network that does not match that rule will be processed by the remaining rules in access control policy. This may mean they are processed by the HTTPS rule you refer to.

View solution in original post

Rob Ingram · ‎03-15-2024

@josef84 no, you would need a rule to explictly deny traffic to those 3 URLs higher up in the ruleset to deny access.

If you create a rule for a group of networks to access those 3 URLs, those networks would match that rule, any other network that does not match that rule will be processed by the remaining rules in access control policy. This may mean they are processed by the HTTPS rule you refer to.