KB Article | Forcepoint Support

Notes & Warnings

If you are using delegated administration, remember that custom categories are role-specific. A custom category created in one role is not visible to administrators in other roles.

Problem Description

I want to grant specific person or group of people access to some sites. What's the best way to do this?

Resolution

The filtering policy assigned to a client (user, group, domain, organizational unit, computer, or network) determines which sites and Internet applications that client can access. The policy enforces one or more category or limited access filters to determine which sites affected users can access. To give some clients access to sites that others can't access, you create a custom category used to recategorize the sites that only certain clients should access. Block the category in all category filters except the ones used to govern those clients.

In version 7.8, Exceptions became available so custom categories wouldn't always be needed. For more information, see Exceptions to Web Protection Policies

For prior versions, or as an alternative to Exceptions if there are many in the environment:

Step 1: Create a custom category.

To supplement the Forcepoint-defined Master Database categories, you can create your own custom categories to further refine filtering. You can add custom categories to the User-Defined parent category, or to any other parent category.

For instructions, see Creating a Custom Category
Note You can create up to a total of 63,000 custom categories.

Now you can permit the custom category in only the category filters applied to the clients who should access the sites in the category.

Step 2: Create a category filter for the clients with specific access needs.

To give certain clients access to the sites assigned to your new, custom category, create one or more category filters that permit the category.

For instructions see Creating a Category Filter.

Step 3: Edit the category filter to permit the custom category.
  1. In Forcepoint Manager, go to Policy Management > Filters, and then click a category filter name.
  2. Select the custom category in the Categories list.
  3. Click a button at the bottom of the Categories list to assign a new action (Permit, Confirm, or Quota) to the category.
Important Changes that you make to this category filter affect all policies that enforce the filter. Make sure that the filter is used for only the clients that should have access to the sites in the custom category.
  1. Click OK to cache the change. Changes are not implemented until you click Save All.
Step 4: Create and activate a policy that enforces the new filter.

For instructions, see Working with Filters.





Keywords: custom category issue; whitelist URL; alternative for exception; allow URL; exception

Article Feedback



Thank you for the feedback and comments.