TMG Enterprise Level URL Category Overrides
1 Introduction
Service Pack 1 (SP1) of Forefront TMG offers enterprise customers the ability to define URL category overrides for URL filtering, at the enterprise level.
Forefront TMG is connected to Microsoft’s URL categorization service (provided by Microsoft Reputation Services, MRS). If the categorization service returns either an “unknown” category or a category that an organization does not necessarily agree with, the organization can override the given category, that is, assign a different category to the URL.
In the RTM version of TMG this ability was available only at the array level. An organization with multiple arrays had to define the overrides for each array separately. Forefront TMG SP1 enables the organization to define enterprise level overrides that are propagated to all arrays with the enterprise configuration.
The enterprise level overrides are merged with the array level overrides on each array. We discuss the merge algorithm in Section 3.
2 Defining enterprise category overrides
In order to define (or remove) enterprise level category overrides do the following (see Figure 1):
1. In any TMG Enterprise Edition (EE) management console, click Enterprise at the top left corner.
2. On the Task pane (right side), under Enterprise Tasks, click the Configure URL Category Overrides (3rd from the top).
The array level (TMG RTM) URL Filtering Settings dialog box will appear but with just one tab – the URL Category Override tab.
Use this dialog box to enter new URLs and categories, to change categories and to remove URLs with their categories, similar to array level overrides.
Figure 1: URL Category Override screen shot
3 Merging enterprise and array level overrides
The merging of the two lists is done as follows:
1. Start with the array level list.
2. For every URL in the enterprise list
a. If the URL is not in the array level override list – add it to the list
b. If the URL is there with a different category – use the array level category (i.e. don’t replace)
This merging algorithm gives priority to the array level overrides.
Note – the merge process considers the URLs www.mycompany.com/homepage and www.mycompany/homepage/ to be the same URL, i.e. the slash at the end does not make a difference.
Once we have a single merged list, the categorization is based on the same heuristic as the array level categorization, i.e. the longest URL in the override list that fits the queried URL. Examples:
If you have www.a.com/* categorized as U and www.a.com/a/* categorized as V, then www.a.com/a/b will be categorized as V .
Author: Gabriel Koren
Reviewers: Juda Thitron and Roman Golubchyck
Comments
Anonymous
September 24, 2010
How can I add an override for a URL that is HTTPS?Anonymous
November 03, 2010
Indeed a very good read! Very informative post with pretty good insight on all aspects of the topic! Will keep visiting in future too! www.cheapestusedcomputers.comAnonymous
November 25, 2010
The comment has been removedAnonymous
November 25, 2010
<a http://manoloblahnikoutlet.com" target="_blank"> manolo blahnik outlet</a>Anonymous
November 26, 2010
I would like to appreciate the work of blog author that the person provided us with an extremely excellent information regarding the topic. I really learned something from this blog and started to contribute my ideas via commenting on this blog. Keep it up! http://www.refurbishedp4.comAnonymous
February 26, 2011
It's always amazing reading or commenting on a blog from which we get a full knowledge.Same as here I have found some really interesting information which is simply a great boost to my knowledge.