About lists

‚ÄčSIA‚Äč allows you to create two broad categories of lists: block lists and exception lists. The actions associated with these lists are prioritized over ‚ÄčAkamai‚Äč Security and classifications in ‚ÄčSIA‚Äč. If domains, IP addresses, or URLs are configured in multiple lists with conflicting actions, ‚ÄčSIA‚Äč selects the action based on a priority. For more information, see Policy conflicts.

Each entry in a list is counted separately. For example, in a custom list, each domain and IP address is counted as a separate entry. ‚ÄčSIA‚Äč allows you to have a maximum of 200,000 list entries.

An enterprise can create a maximum of 100 lists. If your organization needs to create more lists, contact your ‚ÄčAkamai‚Äč representative.

You need to deploy your work after creating, modifying, or deleting a list. The deployment takes approximately 20-30 seconds.

Block lists

Block lists are used to define whether a policy should block access or monitor access when users make requests to outside resources.

These are the types of block lists:

  • Custom lists. Defines known and suspected domains and/or IP addresses that you want to block or monitor, or domains and URLs that you want to block or monitor.

  • Top-level domain lists. Defines country-code top-level domains (ccTLD) and generic top-level domains (gTLD).

  • File hash block lists. Defines the hashes of files that you want ‚ÄčSIA‚Äč to block.

  • URL block lists. Defines URLs that you want to block or monitor.

Exception lists

Exception lists are used to define the specific traffic and file hashes that you don‚Äôt want scanned by ‚ÄčSIA‚Äč or ‚ÄčSIA‚Äč Proxy. If ‚ÄčSIA‚Äč Proxy is enabled, the proxy does not scan the domains, IP addresses, URLs, or file hashes in exception lists. By default, when a user associates an exception list to a policy, it's assigned the bypass policy action.

These are the types of exception lists:

  • Custom exception lists: Specifies domains and IP addresses that are bypassed by ‚ÄčSIA‚Äč policy. If ‚ÄčSIA‚Äč Proxy is enabled, these domains and IP addresses are bypassed by the proxy.

  • File hash exception lists: Specifies the hashes of files that you don't want scanned by ‚ÄčSIA‚Äč Proxy.

  • URL exception lists: Specifies one or more URLs that you don't want the ‚ÄčSIA‚Äč Proxy to scan.