In this article
This guide outlines Filtering Policy priorities at the policy and organization level. Reference this guide when creating or troubleshooting policies to confirm the desired filtering outcome.
When creating and applying Filtering Policies, there are two things to keep in mind:
- Universal Lists always win. If a domain is on either list no other policy or environment modification can overrule it
- The most specific filtering rules are enforced. If Universal Lists are not in use, an Allow Listed domain in a User-applied Filtering Policy is the most specific rule. A domain that's allowed/blocked by a Filtering Category applied to a Network Site has the lowest priority compared to other rules in the policy.
Filtering Policy priorities
There is a specific order to how query traffic is treated dependent on where in the Filtering Policy the domain is allowed/blocked.
Find these filtering options from the DNSFilter dashboard under Policies.
This list is presented from highest priority—a domain listed here is prioritized over any other placement—to lowest priority—if the domain appears on any list above this priority that action should be expected.
Filtering Policy priority:
- Universal Allow List
- Universal Block List
- Allow List
- Block List
- Uncategorized domains
- Filtering Category (this includes policy selections under Threats, AppAware, and Extra Settings)
Organization environment priorities
With pricing plans Pro and above, Filtering Policies can be applied to Users, Collections, Relays, Roaming Clients, and Network Sites. Applying a Filtering Policy to the wrong environment attribute can disrupt usage or allow unwanted threats into the environment.
This list displays available Filtering Policy levels from most specific—a policy applied here will trump a policy applied to any other attribute—to most broad—a blanket rule that can be overruled by policies set on any of the other environment attributes.
Find these settings from the DNSFilter dashboard under Deployments.
- Users
- Collections
- Roaming Clients
- Relays (only applicable when a Relay is deployed)
- Sites
Need some troubleshooting help? These related support articles can help configure Filtering Policies.
Comments
0 comments
Please sign in to leave a comment.