Summary
This technical tutorial demonstrates how to build effective URL filtering policies within Zscaler's Zero Trust Exchange platform. The session covers three core objectives for URL filtering: protecting users and data from security threats like malware, limiting organizational liability by blocking inappropriate content such as pornography and hate speech, and reducing productivity loss from non-business websites. The presenter walks through a recommended policy structure that begins with the corporate acceptable use policy as a foundation, then implements a top-down rule hierarchy starting with specific allow/block rules, followed by global security and legal liability blocks, and concluding with category-based restrictions. Advanced configuration settings are explored, including suspicious new domain lookups, embedded site categorization, HTTP tunnel control, and domain fronting protections. The tutorial emphasizes using FQDNs rather than IP addresses in custom URL categories and enabling the retain parent category option to simplify policy troubleshooting and ensure URLs are evaluated against both original and custom categories.
