Sep 27 2023 02:08 PM
Sep 27 2023 02:08 PM
We have Web Content Filtering to block selected categories. WCF is working well as intended that browsing the selected categories is blocked on both Edge and Chrome browsers.
We also have a list of domains/URLs in Indicators to allow browsing some sites that are categorically blocked by WCF. However, users are still blocked from browsing those domains/URLs.
We select streaming media to block in WCF. Users are blocked from browsing Youtube and Vimeo sites on both Edge and Chrome browsers.
We then added the following domains/URLs in the Indicators with 'Allow' action.
(the reason we used different formats is to determine what works in case we were not using the correct format.)
However, users are still blocked from browsing the sites.
I understand it can take up to 2 hours before indicators work. It's been days/weeks since they were added in.
To make sure the sites were not blocked by something else other than WCF, we also removed High Bandwidth category (that includes Streaming Media) from WCF selection. Within 15 minutes the users can browse both Youtube and Vimeo. When the category is re-selected, users are blocked from those sites within 15 minutes. So I believe we can confidently say the behaviour is not caused by some other control than WCF.
We also have a URL with 'Block' settings in the Indicator where the URL is not categorically blocked by WCF. Users can browse the website any issues.
So, it seems the entire Indicator URLs/Domains has no effect on the devices.
WCF is applied to a group of selected devices. Indicators are set to apply to all devices in the organization.
Sep 27 2023 03:01 PM
Sep 27 2023 03:20 PM
@eliekarkafy Thanks for your feedback. However, it appears the discussion you mentioned is about WCF not working on 3rd party browsers due to lack of support on SSL inspection. In our case, WCF works well with both Edge and Chrome browsers. Our issue is the list of URLs/Domain in the indicators to override WCF settings are not being followed by the end devices on either Edge or Chrome browsers.
Sep 27 2023 03:47 PM
@IsaacPark did you had the chance to check web protection reports to see the streaming web categories and how the URL format that is being blocked?
Sep 27 2023 04:08 PM
Sep 27 2023 05:14 PM
@eliekarkafy , yes but in a slight different approach. I made one domain without https:// and another with http:// so we can narrow down what format works quicker.
It's not there any more but we also tried with http:// prefix. It did not make any difference.
Sep 28 2023 01:18 AM
@IsaacPark that's weird, with that in place you should be able to override the blocked category. I suggest you open a ticket with the Microsoft security team so they can check your tenant in the backend.
Sep 28 2023 01:41 PM
Oct 10 2023 07:07 PMSolution
Oct 11 2023 12:36 AM - edited Oct 11 2023 12:39 AM
that needs to be enabled for sure when you want to allow/block custom URLs , IP addresses , etc .... i though that you already enabled that in your initial configuration. thanks for sharing. Dont forget to enable network protection in block mode for better security towards malicious sites
Nov 23 2023 07:53 AM
Nov 23 2023 08:58 PM
@Jakob_312 Thanks for sharing. I, too, went over many MS articles on setting up indicators but did not find a single article that mentioned that there is a setting under Advanced Features that you need to turn on. It's either never mentioned or very hard to find. I am glad to hear this helped.