It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda Web Security Gateway

How can I block new and uncategorized proxies on my Barracuda Web Filter to prevent policy circumvention?

  • Type: Knowledgebase
  • Date changed: 2 years ago
Solution #00003763

Applies to all Barracuda Web Filters, all firmware versions.


Open proxies can be a so-called "moving target" for network administrators; they appear overnight and can be difficult to detect and categorize in a timely fashion. Administrators concerned about policy circumvention by the use of uncategorized proxies can enable more restrictive policies on their Barracuda Web Filter to counteract this issue. Specifically, you can enforce a policy which blocks users from accessing all uncategorized sites. To do so, perform the following steps:
  1. Open a web browser and navigate to your Barracuda Web Filter.
  2. Go to Block/Accept > Exceptions.
  3. Select Block as the Action.
  4. For the Applies To field, click on the Lookup button and select All Users under the Apply To heading.
  5. Under Category, select Content Filter.
  6. Under Sub Category/Expression, select Uncategorized, and then click Add.
  7. As necessary, adjust the precedence of the rule by clicking on the arrows on the left side of the page.
Alternatively, in firmware version 4.2, you can go to Block/Accept > Content Filter and apply a general policy for Uncategorized sites under the Other category.

The Barracuda Web Filter, in conjunction with Barracuda Central and Energize Updates, is highly effective at categorizing websites. Those legitimate sites that are not yet categorized and are as a result blocked will be fed back to Barracuda Central, which will then soon be categorized appropriately. You may also create a custom category for such a site in order to allow users to access it immediately.

Additional Notes:
You may also want to implement other restrictions, such as blocking users surfing to websites which lack domain names and are represented instead by the website's public IP address. You can refer to Solution #00001399 for instructions on implementing such a policy.