Help
SurfProtect Diagnostic tools
- 12 June 2024
- 7 December 2023
- Exa Support
SurfProtect Diagnostic tools
Introduction
Located in the customer tools section of the left hand navigation menu and accessible from any page within a SurfProtect location
Profile overview
This tool directly compares your settings across the current location, comparing all overriding profiles and the Default Profile to each other.
In the image below, we have the Comparison mode active, which aids you by highlighting differing settings. The mouse is on the External IP Profile column and Violence row – showing an Active status. The contrasting results (Inactive) are highlighted in red for you.
Application control
This tool contains a number of known applications/services which do not always function correctly when being filtered by SurfProtect, and allows you to enable a control which applies known ‘fixes’ to the application/service.
The available service currently only applies to whole locations, we are currently working on a per profile solution with better customer usability.
List overview
The list overview section allows you to manage your existing lists, or create new ones. New lists can be created using the plus icon at the top of the relevant section.
As policy lists, such as Allowed URLs, are independent from Profiles and Locations, this page does not allow you to assign lists to profiles, to do that you will need to navigate to the profile itself.
Note: Changes to these lists will affect every profile using them. A notification should tell you which locations and profiles will be affected by the change.
Customer reclassification
The Customer Reclassification tool allows you to set your own URL classifications or update existing reclassifications you have already made.
For existing reclassifications, clicking on the edit (pencil) icon will allow you to change the classification for the chosen URL. Clicking the delete (bin) button will remove the reclassification.
To add a new URL classification, click on the plus icon. This will allow you to enter the URL you want to reclassify and the classification you want to give it.
To view the existing classification for a URL, you will need to use the Domain Classification tool.
To update a classification, click on the pencil button. This will allow you to select a new classification for that URL.
Domain classification
Accessible on any page, this pop-up allows you to enter a domain within the box to check what classification it has.
Domain Doctor
The SurfProtect Domain Doctor is a diagnostics tool allowing a URL to be passed to the SurfProtect service and check what filtering decision would be made and why that decision was reached.
From this point, you can update the selected SurfProtect Location and SurfProtect Profile. Once the correct Location and Profile are selected, enter the URL that you are seeing an issue with.
URL Data
Global settings: This represents the data that SurfProtect globally applies to this URL. The categories it has, whether TLS will be decrypted and whether it would be challenged for authentication.
Customer settings: Any overriding categories to URLs will be displayed here if any custom category have been applied, along with the ability to update it.
Decision Data
This is the decision response given by the SurfProtect, broken into two parts.
The first section covers the decision data itself:
- Whether the request has been rejected or permitted.
- Whether the request would have been decrypted, which may not match the global setting (Requests will always be decrypted if blocked, for example).
- Whether the request would have been challenged for authentication.
The second section covers what settings were matched against:
- The profile that was matched against.
- The setting that was matched against, be that the allowed, blocked, category lists, extensions, etc.
Decision Data
This table shows all the URLs on the page that was returned for the original URL, with an overview of the decisions for each.
Status: Whether the request was rejected or permitted
Host: The host portion of the URL
Path: The path portion of the URL
Matched setting: The setting the resource matched on, if applicable
Matched Value: The entry or specific setting that was matched, under the matched setting
Suggested Next Read
