Umbrella's Selective Decryption Lists policy component lets you exclude content categories (and thus related sites), applications (Web policy only), and domains (Web policy only) from being proxied.

For a DNS policy, a selective decryption list excludes selected content categories from inspection by the intelligent proxy over HTTPS. A DNS selective decryption list can only be added from within the DNS policy wizard. Once added to a DNS policy, a DNS decryption list is listed on the Selective Decryption List components page and can be reused in other DNS policies. For more information, see Add a DNS Policy.

For the Web policy, a selective decryption list excludes selected content categories, applications, and domains from being inspected when HTTPS Inspection is enabled for a ruleset. A Web selective decryption list can only be added from within the Selective Decryption Lists policy components page and then added to a ruleset. Once added to the Selective Decryption Lists policy components page, a Web selective decryption list can be reused in other rulesets. For more information, see Add a Web Selective Decryption List.

---

Review File Type Controls Through Reports < Manage Selective Decryption > Add a Web Selective Decryption List