Skip to content

Global and Policy Exclusions

The application allows to exclude traffic from filtering using exclusions on various levels.

Global Exclusions

Global exclusions allow administrator to exclude traffic from filtering for all proxy users at once. To access global exclusions, click on Admin UI / Global Exclusions and select which exclusion type you wish to manage.

Global Exclusions

Policy Exclusions

Policy exclusions allow administrator to customize excluded traffic for a given policy only. To access policy exclusions, click on the Admin UI and select the Policy Name. Then click on Manage Exclusions and select which exclusion type you wish to manage.

Policy Exclusions

Usually when constructing policy exclusion, application merges them with global exclusions. Sometimes though, it is required to specify a discrete list of exclusions for a given policy only. In this case, global exclusions can be ignored on the policy level in its advanced settings as shown on the following screenshot.

Policy Exclusions Advanced

Types of Exclusions

It is possible to exclude requests and responses from filtering by the following attributes.

Exclusion Type Description
Domain Name The name of the domain to exclude. Prefix the domain name with a dot to also exclude all subdomains of it. For example, .example.com excludes all subdomains of the example.com as well as the example.com domain itself.
Domain IP The IP address of the domain to exclude, for example, 192.168.1.1. Note, checking for that IP address occurs after a DNS name of the domain is resolved.
Domain Range The range of the IP addresses of domains to exclude, for example, 192.168.1.1-192.168.1.100.
Domain Subnet The subnet of the IP addresses of domains to exclude, for example, 192.168.1.0/24.
Domain Category The category of a domain name, for example, it is possible to exclude all financial or government domains from filtering and decryption.
Request URL A regular expression for the URL in the request. For example, .* regular expression matches any URL. Note, a request URL for HTTPS is only available if HTTP decryption is enabled.
Content Type MIME content type of the response, for example, it is possible to exclude any response with image/gif content type.
Detected App Name of the detected application that makes the request. For example, it is possible to exclude netflix application from filtering and decryption.