URL Conditions in an FDM-Managed Access Control Rule
The URL conditions of an access control rule defines the URL used in a web request, or the category to which the requested URL belongs. For category matches, you can also specify the relative reputation of sites to allow or block. The default is to allow all URLs.
URL categories and reputations allow you to quickly create URL conditions for access control rules. For example, you could block all Gaming sites, or all high risk Social Networking sites. If a user attempts to browse to any URL with that category and reputation combination, the session is blocked.
Using category and reputation data also simplifies policy creation and administration. It grants you assurance that the system will control web traffic as expected. Finally, because Cisco's threat intelligence is continually updated with new URLs, as well as new categories and risks for existing URLs, you can ensure that the system uses up-to-date information to filter requested URLs. Malicious sites that represent security threats such as malware, spam, botnets, and phishing may appear and disappear faster than you can update and deploy new policies.
To modify the URL and URL Category conditions in an access control rule, you can edit the rule using the procedure in Configure the FDM Access Control Policy. Simple edits may be performed without entering edit mode. From the policy page, you can modify a URL condition in the rule by selecting the rule and clicking the + button within the URL condition column and selecting a new object, element, URL reputation, or URL category from the popup dialog box. You can also click the x on an object or element to remove it from the rule.
Click the blue plus icon 
and select URL objects, groups, or URL categories and click Save. You can click Create New Object if the URL object you require does not exist. See Create or Edit FDM URL Objects for more information about URL objects.
License Requirement for URL Filtering
To use URL filtering, you need to have the URL license enabled on your FDM-manageddevice.