Configure Unified Threat Management (UTM) in CSO

Unified threat management (UTM) consolidates several security features to protect against multiple threat types. CSO allows you to configure antispam, antivirus, Web filtering, and content filtering profiles as part of a single UTM profile. You can then reference the UTM profile in a firewall policy intent and deploy the firewall policy to apply UTM, thereby protecting the site from multiple threat types. For more information about UTM, see UTM Overview in the CSO Customer Portal User Guide (available on the CSO Documentation page).

Explanation of Procedure

The high-level workflow for UTM in CSO is as follows:

(Optional) Configure UTM settings that are applicable to all sites in a tenant. See Configure UTM Settings for a Tenant.
CSO provides predefined Web filtering, antivirus, antispam, and content filtering profiles that you can use in the UTM profile. If you want to use customized profiles:
- (Optional) Add a Web filtering profile. See Add Web Filtering Profiles.
- (Optional) Add an antivirus profile. See Add Antivirus Profiles.
- (Optional) Add an antispam profile. See Add Antispam Profiles.
- (Optional) Add a content filtering profile. See Add Content Filtering Profiles.
CSO also provides predefined UTM profiles that you can use. You can also add customized UTM profiles. See Add UTM Profiles.
Add a firewall policy and reference the UTM profile in a firewall policy intent, and deploy the firewall policy. See Add and Deploy Firewall Policies.

Configure UTM Settings for a Tenant

You can configure unified threat management (UTM) antispam, antivirus, and Web filtering settings for a tenant that are applicable to all sites belonging to a tenant. The settings are pushed to all those sites to which a firewall policy intent with UTM enabled is applicable.

To configure UTM settings for a tenant:

Select Configuration > UTM > UTM Settings.
The Edit UTM Settings page appears.
Complete the configuration according to the guidelines provided in Table 1.
Do one of the following:
- Click Reset to reset the settings to the previously saved configuration.
- Click OK to save the changes.
  
  The settings are saved and a confirmation message is displayed. You can now navigate away from this page.

Table 1: Edit UTM Settings
Setting	Guideline
Antispam Settings	Specify the antispam settings for the tenant.
Address Whitelist	Select the URL pattern to be used as the antispam allow list. Alternatively, click Create a New URL Pattern to add a new URL pattern to use as an allowlist. For more information, see Add URL Patterns.
Address Blacklist	Select the URL pattern to be used as the antispam block list. Alternatively, click Create a New URL Pattern to add a new URL pattern to use as a block list.
Antivirus Settings	Specify the antispam settings for the tenant.
MIME Whitelist	Enter one or more MIME types (separated by commas) to include as part of the MIME allow list; these MIME types are excluded from antivirus scanning.
Exception MIME Whitelist	Enter one or more MIME types (separated by commas) that are to be excluded from the list of MIME types specified as part of the MIME allow list. This list is a subset of the MIME types that you specified in the MIME allow list. For example, if you specify video/ in the allow list and video/x-shockwave-flash in the exception allow list, all objects of MIME type video/ except MIME type video/x-shockwave-flash are excluded from antivirus scanning.
URL Whitelist	Select a URL category (that contains one or more URLs) that you want the antivirus to allow or select None if you don’t want to add any URLs to the allow list.. Alternatively, click Create a New URL Category to add a new URL category to use as an allow list. For more information, see Add URL Categories
Web Filtering Settings	Specify the Web filtering settings for the tenant.
URL Whitelist	Select a URL category (that contains one or more URLs) that you want the Web filtering system to allow or select None if you don’t want to add any URLs to the allow list. Alternatively, click Create a New URL Category to add a new URL category to use as an allow list.
URL Blacklist	Select a URL category (that contains one or more URLs) that you want the Web filtering system to add to the block list or select None if you don’t want to add any URLs to the block list. Alternatively, click Create a New URL Category to add a new URL category to use as a block list.
Site Reputation	Use the slider to specify the site reputation ranges (for the tenant) for different site categories: Harmful Suspicious Fairly-safe Moderately-safe Very-safe

Add UTM Profiles

To add a UTM profile:

Select Configuration > UTM > UTM Profiles in Customer Portal.
The UTM Profiles page appears.
Click the add icon (+).
The Create UTM Profiles wizard appears.
Complete the configuration according to the guidelines provided in Table 2.
Note:
Fields marked with an asterisk (*) are mandatory.
(Optional) Review the settings in the Summary section, and modify the settings, if required.
Click Finish.
You are returned to the UTM Profiles page, and a confirmation message is displayed when the UTM profile is added successfully. After you add a UTM profile, you can assign it to a firewall policy intent.

Table 2: Create UTM Profiles Settings
Setting	Guideline
General
Name	Enter a unique name for the UTM profile. The name can contain alphanumeric characters, hyphens, or underscores and cannot exceed 29 characters.
Description	Enter a description for the UTM profile.
Traffic Options	In an attempt to consume all available resources, a malicious user might generate a large amount of traffic all at once. To prevent such activity from succeeding, you can impose traffic options.
Connection Limit per Client	For client connections on the device, enter the connection limit per client. The default is 2000; enter 0 to indicate that there is no connection limit.
Action when connection limit is reached	Specify the action that must be taken when the connection limit is reached: No action—Don’t take any action. This is the default setting. Log and permit—Log the event and permit the connection. Block—Block the connection. Click Next to continue.
Web Filtering
Web Filtering By Traffic Protocol	You can click Create Another Profile to add a Web filtering profile that you can then assign. See Add Web Filtering Profiles.
HTTP	Select the Web filtering profile to be applied for HTTP traffic, or select None if you don’t want to apply a Web filtering profile. Click Next to continue.
Antivirus
Antivirus Profiles by Traffic Protocol	You can click Create Another Profile to add an antivirus profile that you can then assign. See Add Antivirus Profiles.
Apply to all protocols	Click the toggle button to enable the application of a single antivirus profile to all traffic protocols. You must then specify the profile in the Default Profile field. If you disable this toggle button, which is the default, you can specify antivirus profiles for each traffic type.
Default Profile	If you specified that a single antivirus profile should be applied to all traffic protocols, select the antivirus profile. Click Next to continue.
HTTP	Select the antivirus profile to be applied to HTTP traffic.
FTP Upload	Select the antivirus profile to be applied to FTP upload traffic.
FTP Download	Select the antivirus profile to be applied to FTP download traffic.
IMAP	Select the antivirus profile to be applied to Internet Message Access Protocol (IMAP)traffic.
SMTP	Select the antivirus profile to be applied to SMTP traffic.
POP3	Select the antivirus profile to be applied to Post Office Protocol 3 (POP3) traffic. Click Next to continue.
Antispam
Antispam Profiles by Traffic Protocol:	You can click Create Another Profile to add an antispam profile that you can then assign. See Add Antispam Profiles.
SMTP	Select the antispam profile to be applied for SMTP traffic. Click Next to continue.
Content Filtering
Content Filtering Profiles by Traffic Protocol:	You can click Create Another Profile to add a content filtering profile that you can then assign. See Add Content Filtering Profiles.
Apply to all protocols	Click the toggle button to enable the application of a single content filtering profile to all traffic protocols. You must then specify the profile in the Default Profile field. If you disable this toggle button, which is the default, you can specify content filtering profiles for each traffic type.
Default Profile	If you specified that a single antivirus profile should be applied to all traffic protocols, select the antivirus profile. Click Next to continue.
HTTP	Select the content filtering profile to be applied to HTTP traffic.
FTP Upload	Select the content filtering profile to be applied to FTP upload traffic.
FTP Download	Select the content filtering profile to be applied to FTP download traffic.
IMAP	Select the content filtering profile to be applied to IMAP traffic.
SMTP	Select the content filtering profile to be applied to SMTP traffic.
POP3	Select the content filtering profile to be applied to POP3 traffic. Click Next to continue.

Add Web Filtering Profiles

Web filtering profiles enable you to manage Internet usage by preventing access to inappropriate Web content over HTTP.

To add a Web filtering profile:

Select Configuration > UTM > Web Filtering Profiles in Customer Portal.
The Web Filtering Profiles page appears.
Click the add icon (+).
The Create Web Filtering Profiles wizard appears.
Complete the configuration according to the guidelines provided in Table 3.
Note:
Fields marked with an asterisk (*) are mandatory.
(Optional) Review the settings in the Summary section, and modify the settings, if required.
Click Finish.
You are returned to the Web Filtering Profiles page, and a confirmation message is displayed when the Web filtering profile is added successfully. After you add a Web filtering profile, you can associate with a UTM profile.

Table 3: Create Web Filtering Profiles Settings
Setting	Guideline
General
General Information
Name	Enter a unique name for the Web filtering profile. The name can contain alphanumeric characters, hyphens, or underscores and cannot exceed 29 characters.
Description	Enter a description for the Web filtering profile.
Timeout	Enter the time (in seconds) to wait for a response from the Websense server. The default is 15 seconds and the maximum is 1800 seconds.
Engine Type	Select an engine type for Web filtering: Juniper Enhanced—UTM-enhanced Web filtering engine. This is the default engine. Websense Redirect—Use the Websense Redirect Web filtering engine. Local—Use the local Web filtering engine For more information, see Web Filtering Overview.
Safe Search	Safe search ensures that embedded objects, such as images on the URLs received from the search engines, are safe and that undesirable content is not returned to the client. This setting is available only for the Juniper Enhanced engine type and is enabled by default. Click the toggle button to disable safe search redirects. Note: Safe search redirect supports only HTTP and you cannot extract the URL for HTTPS. Therefore, it is not possible to generate a redirect response for HTTPS search URLs.
Custom Block Message/URL	Specify the redirect URL or a custom message to be sent when HTTP requests are blocked. The maximum length is 512 characters. Note: If a message begins with http: or https:, the message is considered a block message URL. Messages that begin with values other than http: or https: are considered custom block messages.
Custom Quarantine Message	For Juniper Enhanced or local engine types, define a custom message to allow or deny access to a blocked site based on a user's response to the message. The maximum length is 512 characters. The quarantine message contains the following information: URL name Quarantine name Category (if available) Site reputation (if available) Click Next to continue.
Account	Specify the user account associated with the Websense Redirect engine.
Server	Specify the hostname or IP address for the Websense server.
Port	Specify the port number to use to communicate with the Websense server. The default port value is 15,868.
Sockets	Enter the number of sockets used for communication between the client and the Websense server. The default value is 8. Click Next to continue.
URL Categories
Deny Action List	Click the Add URL Categories link (next to the text box) to specify a list of URL categories that should be denied access. The Select URL Categories page appears. Complete the configuration according to the guidelines provided in Table 4. The list of URL categories selected is displayed in the text box.
Log & Permit Action List	Click the Add URL Categories link (next to the text box) to specify a list of URL categories that are logged and then permitted. The Select URL Categories page appears. Complete the configuration according to the guidelines provided in Table 4. The list of URL categories selected is displayed in the text box.
Permit Action List	Click the Add URL Categories link (next to the text box) to specify a list of URL categories that should be permitted access. The Select URL Categories page appears. Complete the configuration according to the guidelines provided in Table 4. The list of URL categories selected is displayed in the text box.
Quarantine Action List	Click the Add URL Categories link (next to the text box) to specify a list of URL categories that should be quarantined. The Select URL Categories page appears. Complete the configuration according to the guidelines provided in Table 4. The list of URL categories selected is displayed in the text box. Click Next to continue.
Fallback Options
Global Reputation Actions	Enhanced Web filtering intercepts HTTP and HTTPS requests and sends the HTTP URL or the HTTPS source IP to the Websense ThreatSeeker Cloud (TSC). The TSC categorizes the URL into one of the predefined categories and also provides site reputation information for the URL to the device. The device determines if it can permit or block the request based on the information provided by the TSC. By default, URLs can be processed using their reputation score if there is no URL category available. You can click the toggle button to disable global reputation actions or select the action to take for the uncategorized URLs based on their reputation score: Very Safe—Permit, log and permit, block, or quarantine a request if a site reputation of 90 through 100 is returned. By default, Permit is selected. Moderately Safe—Permit, log and permit, block, or quarantine a request if a site reputation of 80 through 89 is returned. By default, Log and Permit is selected. Fairly Safe—Permit, log and permit, block or quarantine a request if a site-reputation of 70 through 79 is returned. By default, Log and Permit is selected. Suspicious—Permit, log and permit, block, or quarantine a request if a site reputation of 60 through 69 is returned. By default, Quarantine is selected. Harmful—Permit, log and permit, block, or quarantine a request if a site reputation of zero through 59 is returned. By default, Block is selected.
Default Action	Choose the actions to be taken for URL categories with no assigned action and for uncategorized URLs. This is used only if no reputation action is assigned.
Fallback Action	Select the fallback action, which is used when: The ThreatSeeker Websense Cloud servers are unreachable. A timeout occurs for requests to ThreatSeeker Cloud. There are too many requests to be handled by the device. Click Next to continue.

Table 4: Select URL Categories Settings
Setting	Guideline
Show	Choose which URL categories should be displayed for selection: All categories, Custom URL categories, or Websense URL categories. The first column of the URL Categories field displays URL categories based on your selection.
URL Categories	Select one or more URL categories in the first column and click the forward arrow to confirm your selection. The selected URL categories are displayed in the second column. Click OK. You are returned to the Create Web Filtering Profiles page.

Add Antivirus Profiles

The antivirus profile defines the content to scan for any malware and the action to be taken when malware is detected. You can add an antivirus profile and then assign it to a UTM profile.

To add an antivirus profile:

Select Configuration > UTM > Antivirus Profiles in Customer Portal.
The Antivirus Profiles page appears.
Click the add icon (+).
The Create Antivirus Profiles wizard appears.
Complete the configuration according to the guidelines provided in Table 5.
Note:
Fields marked with an asterisk (*) are mandatory.
(Optional) Review the settings in the Summary section, and modify the settings, if required.
Click Finish.
You are returned to the Antivirus Profiles page, and a confirmation message is displayed when the antivirus profile is added successfully. After you add an antivirus profile, you can associate with a UTM profile.

Table 5: Create Antivirus Profile Settings
Setting	Guideline
General
General Information
Name	Enter a unique name for the antivirus profile. The name can contain alphanumeric characters, hyphens, or underscores and cannot exceed 29 characters.
Description	Enter a description for the antivirus profile.
Engine Type	Displays the engine type used for scanning. Currently, Sophos is the only antivirus engine supported. Sophos antivirus is an in-the-cloud antivirus solution. The virus and malware database is located on external servers maintained by Sophos (Sophos Extensible List) servers, thus there is no need to download and maintain large pattern databases on the Juniper Networks device. Click Next to continue.
Fallback Options	Fallback options are used when the antivirus system experiences errors and must fall back to one of the previously configured actions to either deny (block) or permit the object. You can specify the fallback options to use when there is a failure, or select the default action if no specific options are to be configured:
Content Size	Select the action to be taken on the content(None, Log and Permit, or , Block [default]) if the content size exceeds the defined limit.
Content Size Limit	Enter the content size limit, in kilobytes (KB), based on which action is taken. The range is 20 through 40,000 KB. The content size limit check occurs before the scan request is sent. The content size refers to accumulated TCP payload size.
Engine Error	Select the action to take (None, Log and Permit, or , Block [default]) when an engine error occurs. The term engine error refers all engine errors, including engine not ready, timeout, too many requests, password protected, corrupt file, decompress layer, and out of resources.
Default Action	Select the default action to take (None, Log and Permit, or , Block [default]) when an engine error occurs. Click Next to continue.
Notification Options	Use the notification options to configure a method of notifying the user when a fallback occurs (block or non-block) or when a virus is detected:
Fallback Deny	Click the toggle button to enable fallback notifications to e-mail senders when their messages are blocked. By default, fallback block notifications are disabled. If you enable notifications, you can configure the following additional parameters: Notification Type—Select the type of notification to be sent: None—Don’t sent notifications. Protocol—Send a protocol-specific notification. With protocol-only notifications, a protocol-specific error code might be sent. Message—Send a generic notification. Custom Message Subject—Enter the subject line that you want to send for the e-mail notification when a block occurs. Custom Message—Enter the text of the e-mail to be sent for the e-mail notification when a block occurs. Display Hostname—Click the toggle button to enable the display of the computer hostname in the notification e-mail sent to the administrator when a block occurs. Allow E-Mail—Click the toggle button to enable e-mail notification to notify a specified administrator when a block occurs. Administrator E-Mail Address—Enter the administrator e-mail address that will be notified when a block occurs.
Fallback Non-Deny	Click the toggle button to enable fallback notifications to e-mail senders when their messages are not blocked. By default, fallback unblock notifications are disabled. If you enable notifications, you can configure the following additional parameters: Custom Message Subject—Enter the subject line that you want to send for the e-mail notification. Custom Message—Enter the text of the e-mail to be sent for the e-mail notification.
Virus Detected	Click the toggle button to enable notifications to e-mail senders when a virus is detected. By default, notifications are disabled. If you enable notifications, you can configure the following additional parameters: Notification Type—Select the type of notification to be sent: None—Don’t sent notifications. Protocol—Send a protocol-specific notification. With protocol-only notifications, a protocol-specific error code might be sent. Message—Send a generic notification. Custom Message Subject—Enter the subject line that you want to send for the e-mail notification when a virus is detected. Custom Message—Enter the text of the e-mail to be sent for the e-mail notification when a virus is detected. Click Next to continue.

Add Antispam Profiles

E-mail spam consists of unwanted e-mail messages usually sent by commercial, malicious, or fraudulent entities. When the device detects an e-mail message deemed to be spam, it either blocks the message or tags the message header or subject field with a preprogrammed string. Antispam filtering allows you to use a third-party server-based spam block list (SBL) and to optionally add your own local allow lists (benign) and block lists (malicious) for filtering against e-mail messages.

Note:

Sophos updates and maintains the IP-based SBL. Antispam is a separately licensed subscription service.

To add an antispam profile:

Select Configuration > UTM > Antispam Profiles in Customer Portal.
The Antispam Profiles page appears.
Click the add icon (+).
The Create Antispam Profiles wizard appears.
Complete the configuration according to the guidelines provided in Table 6.
Note:
Fields marked with an asterisk (*) are mandatory.
Click OK.
You are returned to the Antispam Profiles page, and a confirmation message is displayed when the antispam profile is added successfully. After you add an antispam profile, you can associate with a UTM profile.

Table 6: Create Antispam Profile Settings
Setting	Guideline
General Information
Name	Enter a unique name for the antispam profile. The name can contain alphanumeric characters, hyphens, or underscores and cannot exceed 29 characters.
Description	Enter a description for the antispam profile.
Sophos Blacklist	Click the toggle button to enable the use of server-based spam filtering. If the toggle button is disabled, which is the default, local spam filtering is used. Server-based antispam filtering requires Internet connectivity with the SBL server. Domain Name Service (DNS) is required to access the SBL server. The firewall performs SBL lookups using the DNS protocol. Note: Server-based spam filtering supports only IP-based spam block list blocklist lookup. Sophos updates and maintains the IP-based spam block list. Server-based antispam filtering is a separately licensed subscription service.
Action
Default Action	Select the action to be taken when spam is detected: Tag Email Subject Line—Tag the subject line of the e-mail with the configured custom tag. Tag SMTP Header—Tag the SMTP header of the e-mail with the configured custom tag. Block Email—Block the e-mail. None—Don’t take any action.
Custom Tag	Enter the tag to use for identifying a message as spam. The maximum length is 512 characters, and the default is *SPAM*.

Add Content Filtering Profiles

Content filtering blocks or permits certain types of traffic based on the MIME type, file extension, and protocol command. The content filter controls file transfers across the device by checking traffic against configured filter lists. Table 7 displays the types of content filters that you can configure as part of a content filtering profile.

Note:

The content filtering profile evaluates traffic before all other UTM profiles. Therefore, if traffic meets criteria configured in the content filter, the content filter acts first upon this traffic.

Table 7: Supported Content Filter Types
Type	Description
MIME pattern filter	MIME patterns are used to identify the type of traffic in HTTP and MAIL protocols. There are two lists of MIME patterns that are used by the content filter to determine the action to be taken. The block MIME list contains a list of MIME type traffic that is to be blocked. The MIME exception list contains MIME patterns that are not to be blocked by the content filter and are generally subsets of items on the block list. Note: The exception list has a higher priority than the block list.
Block Extension List	Because the name of a file is available during the transfers, using file extensions is a highly practical way to block or allow file transfers. All protocols support the use of the block extension list.
Protocol Command Block and Permit Lists	Different protocols use different commands to communicate between servers and clients. By blocking or allowing certain commands, traffic can be controlled on the protocol command level. The block or permit command lists are intended to be used in combination, with the permit list acting as an exception list to the block list. Note: If a protocol command appears on both the permit list and the block list, the command is permitted.

To add a content filtering profile:

Select Configuration > UTM > Content Filtering Profiles in Customer Portal.
The Content Filtering Profiles page appears.
Click the add icon (+).
The Create Content Filtering Profiles wizard appears.
Complete the configuration according to the guidelines provided in Table 8.
Note:
Fields marked with an asterisk (*) are mandatory.
(Optional) Review the settings in the Summary section, and modify the settings, if required.
Click Finish.
You are returned to the Content Filtering Profiles page, and a confirmation message is displayed when the content filtering s profile is added successfully. After you add a content filtering profile, you can associate with a UTM profile.

Table 8: Create Content Filtering Profiles Settings
Setting	Guideline
General
General Information
Name	Enter a unique name for the content filtering profile. The name can contain alphanumeric characters, hyphens, or underscores and cannot exceed 29 characters.
Description	Enter a description for the content filtering profile.
Notification Options
Notify Mail Sender	Click the toggle button to enable a notification when a content filter is matched. Notifications are disabled by default.
Notification Type	Select the type of notification to send: None—Don’t sent notifications. Protocol—Send a protocol-specific notification. With protocol-only notifications, a protocol-specific error code might be sent. Message—Send a generic notification.
Custom Notification Message	Enter a custom notification message. The maximum length is 512 characters. Click Next to continue.
Filter Settings
Protocol Commands
Command Block List	Enter the protocol commands to be blocked for the HTTP, FTP, SMTP, IMAP, and POP3 protocols. Use commas to separate each command. Protocol commands allow you to control traffic at the protocol-command level.
Command Permit List	Enter specific commands to be permitted for the HTTP, FTP, SMTP, IMAP, and POP3 protocols. Use commas to separate each command.
Block Content Type	Use the content filter to block other types of harmful files that the MIME type or the file extension cannot control. Select one or more of the following types of content blocking (supported only for HTTP): ActiveX Windows executables (.exe) HTTP cookie Java applet ZIP files
Extension Block List	You use a file extension list to define a set of file extensions to block over HTTP, FTP, SMTP, IMAP, and POP3. Enter file extensions to block separated by commas. For example, exe, pdf, js, and so on.
MIME Block List	Enter the MIME types that you want to block over HTTP, FTP, SMTP, IMAP, and POP3 connections. Use commas to separate each MIME type.
MIME Permit List	Enter the MIME types that you want to permit over HTTP, FTP, SMTP, IMAP, and POP3 connections. Use commas to separate each MIME type. Click Next to continue.

Add URL Patterns

You can add URL patterns, and, optionally, assign URL patterns to a URL category.

To add a URL pattern:

Select Configuration > UTM > URL Patterns in Customer Portal.
The URL Patterns page appears.
Click the add icon (+).
The Create URL Patterns page is displayed.
Complete the configuration according to the guidelines provided in Table 9.
Note:
Fields marked with an asterisk (*) are mandatory.
Click OK.
You are returned to the URL Patterns page, and a confirmation message is displayed when the URL pattern is added.

Table 9: Create URL Patterns Settings
Settings	Guidelines
Name	Enter a unique name for the URL pattern. The name must begin with a letter or an underscore (_) and can contain alphanumeric character, hyphens, and underscores. The maximum length is 29 characters.
Description	Enter a description for the URL pattern. The maximum length is 255 characters.
URL Category	Select the URL category to which you want to assign the URL pattern. Alternatively, click Create New URL Category to add a URL category, enter the URL category name in the text box, and click Save to assign the URL pattern to the new URL category.
[Add URLs]	Click the add (+) icon, enter the URL in the inline text box that appears in the table, and click √ (check mark) to save the URL. You can enter additional URLs if needed. Note: The following wildcard characters are supported: asterisk (), period (.), square brackets ([]), question mark (?) Precede all wildcard characters with http://. The asterisk () can only be used at the beginning of a URL and must be followed by a period (.). The question mark (?) can only be used at the end of a URL. The following are examples of wildcard syntaxes that are supported: http://.example.net, http://www.example.ne?, and http://www.example.n??. The following are examples of wildcard syntaxes that are not supported: .example.???, http://*example.net, http://?, and www.example.ne?.

Add URL Categories

A URL category is a list of URL patterns grouped under a single title.

To add a URL category:

Select Configuration > UTM > URL Categories in Customer Portal.
The URL Categories page appears.
Click the add icon (+).
The Create URL Categories page is displayed.
Complete the configuration according to the guidelines provided in Table 10.
Note:
Fields marked with an asterisk (*) are mandatory.
Click OK.
You are returned to the URL Categories page, and a confirmation message is displayed when the URL category is added.

Table 10: Create URL Categories Settings
Settings	Guidelines
Name	Enter a unique name for the URL category. The name must begin with a letter or an underscore (_) and can contain alphanumeric characters, hyphens, and underscores. The maximum length is 59 characters.
Description	Enter a description for the URL category.
URL Patterns	Select one or more URL patterns and click the forward arrow (>) to confirm your selection. The selected URL patterns are displayed in the column on the right. Alternatively, click Create a New Pattern to add a URL pattern and assign it to the URL category. For more information, see Add URL Patterns.

ON THIS PAGE