@PhilipDAth wrote: > are there particular root causes that are particularly pernicious to track down I find tracking down access because of firewall rules can take a while, because they can be configured in so many places. I agree - there is the layer 7 rules, layer 3 rules, content category/url filtering, dns filtering. If it's only blocked because of DNS - there is a page that is displayed to the user. Content filter may log the event, unless it's "N events were dropped". Layer 3 and Layer 7 are really the harder ones. In our case it's typically geo filtering. The recent MaxMind/Google issue has taught us that the geo-filtering comes from MaxMind not BrightCloud. Once we have determined the source, getting it to go through is the next challenge. Other firewalls let you set allow rules at layer 7. I understand that will not be possible in firewall component, and won't be possible without a substantial amount of rewrite.
... View more