KB Article | Forcepoint Support

Problem Description

Why is Forcepoint allowing users access to websites that I re-categorized to be blocked?


To resolve this issue:
  1. Verify the filtering role. Users may be associated with a role other than the Super Administrator Role.
  1. In Forcepoint Security Manager, use the "Check Policy" tool located on the far right of the GUI to verify which role is filtering clients who are not filtered as expected.
  2. Log out of Manager and log back in with a Delegated Administrator account which is a member of the displayed role.
  3. Re-categorize websites as required from that Delegated Administrator.
  1. In the case of still being blocked despite being allowed, the role other than Super Administrator is visible in the more information section of the block page when viewing source.
For more detail including screen shots and an example of where to see the role, see How do block pages work?
  1. Also ensure that there are no exceptions in place for the site in question in the following locations as applicable to the deployment:
  • Go to Forcepoint Security Manager and click Main > Policy Management > Exceptions
  • Go to Forcepoint Security Manager and click  Settings > Hybrid Configuration > Unfiltered Destinations
  • Go to Content Gateway and click Configure > SSL > Incidents (would be listed as a tunnel)
  • Go to Content Gateway and click  Configure > Network > ARM > Static Bypass (as an IP or part of an IP range)

Keywords: policy issue; filtering issue; policy check; block page more information; block page; check policy; exceptions; delegated admin; super administrator; incident list; static bypass; proxy bypass; unfiltered destination; EI-5976

Article Feedback

Thank you for the feedback and comments.