![\"Figure1-500x139\"](\"https:\/\/www.paloaltonetworks.com\/blog\/wp-content\/uploads\/2014\/10\/Figure1-500x139.png\")
<\/span><\/div><\/p>\nFigure 1<\/strong>: URL Category in the security policy.<\/p>\n If you do not see the URL Category column on your interface, it is most likely hidden from view. You can unhide it first by clicking the down arrow in any items such as \u201cAction\u201d or \u201dProfile\u201d; I used \u201cAction\u201d this time (Figure 2<\/strong>). Then move your mouse on \u201cColumns\u201d and check the \u201cURL Category\u201d box near the bottom of the list.<\/p>\n Figure 2<\/strong>: Unhiding the URL Category column.<\/p>\n \u00a0The following examples show what can be done with URL categories.<\/p>\n 1. Block file transfer from unknown sites.<\/strong><\/p>\n An \u201cunknown\u201d URL most likely refers to a newly registered or unregistered URL, which is often used by cybercriminals. The files from \u201cunknown\u201d URLs can be considered high-risk files. You can block all file types from such \u201cunknown\u201d URL by creating the \u201cblock download from unknown\u201d security policy shown in Figure 3<\/strong>. This means any files that might be transferred from an unknown URL will be blocked.<\/p>\n 2. Decrypt SSL for specified URL category.<\/strong><\/p>\n In our 2014\u00a0Application Usage and Threat Report<\/a>,\u00a0we discovered 34% of all applications seen on enterprise networks use SSL. The risk of malicious activities and compromises are often hidden in SSL. Palo Alto Networks provides the ability to decrypt SSL based on URL categories. For example, you may want to decrypt and inspect webmail to block malware or sensitive files, but may not want to decrypt sensitive web activities such as online-banking to protect end-user\u2019s privacy.<\/p>\n By applying decryption to the \u201cweb-based-email\u201d URL category, you can decrypt webmail and apply other security features such as antivirus and data filtering.<\/p>\n In addition, you can choose not to decrypt online banking, by choosing the \u201cfinancial services\u201d URL category as \u201cNo Decrypt.\u201d<\/p>\n 3. Limit streaming media bandwidth during only business hours.<\/strong><\/p>\n![\"Figure2\"](\"https:\/\/www.paloaltonetworks.com\/blog\/wp-content\/uploads\/2014\/09\/Figure2-230x252.png\")
<\/span><\/div><\/center><\/p>\n![\"Figure3\"](\"https:\/\/www.paloaltonetworks.com\/blog\/wp-content\/uploads\/2014\/09\/Figure3.png\")
<\/span><\/div><\/a>
\nFigure 3:<\/strong>\u00a0Block download security policy.<\/p>\n<\/span><\/div><\/a>
\nFigure 4<\/strong>. Decryption policies based on URL category.<\/p>\n<\/span><\/div><\/a>
\nFigure 5:<\/strong>\u00a0Limit streaming in quality of service (QoS) policy.<\/p>\n