Setting up Groups:

When setting up groups, follow these procedures:

1. Enter ranges of IP addresses in the Range to Detect window. Enter service ports numbers that should be ignored (left open).

NOTE: If using the firewall mode, IP address ranges should not be entered for IP groups.

2. Create rules in the Rules window.

3. Set up the global (default) filtering profile to be used by all users, unless they belong to a group that has a filtering profile applied, or have their own filtering profile. The global filtering profile includes categories to be blocked, opened, assigned a warn setting, or white listed; ports to be blocked, and the Redirect URL to use if a user attempts to access a site or service that is blocked. Various filter options can be enabled. Quotas can be set up in passed categories to limit access to a set number of quota minutes.

4. Establish the minimum filtering level that will be used in conjunction with the user's filtering profile. The minimum filtering level includes categories to block or leave open, ports to block, and options for IP group users to bypass these settings.

NOTE: Any user with an override account set up by the global administrator can access content blocked by the minimum filtering level for other users. For IP group users, the minimum filtering level can be bypassed if exception URLs are set up for a user's group, and/or if an override account is set up for an IP group user by the group administrator, and the global administrator has set exception URLs and/or override accounts to bypass the minimum filtering level.

5. If using IP addresses to identify users on the network, set up IP groups, and have group administrator set up IP sub-groups and individual IP members.

For IP group filtering profiles, the group administrator should specify categories to block, open, assign a warn filter setting, or white list. The group administrator can also set up a custom redirect URL or specify the Authentication Request Form to be used in place of the standard block page, if users attempt to access a site or service that has been blocked. Various filter options can be enabled. Additionally, the group administrator can create an override account for a specified user, giving that user access to blocked sites and services.

If using the mobile mode to filter end users on mobile workstations located outside of the organization's building:
In Web Filter software version 5.x.xx - Certificates are used for identifying mobile workstations. (See Operational Modes > Mobile Mode option and File Format and Rules > IP Profiles for more information about the mobile mode in Web Filter software release 5.x.xx.)
In Web Filter software version 4.x.xx - MAC addresses are used for identifying mobile workstations. (See Operational Modes > Mobile Only Mode or Mobile Mode option and File Format and Rules > IP Profiles for more information about using the mobile mode in Web Filter software release 4.x.xx.)

6. If using authentication for LDAP domains, enter authentication settings in authentication windows.

In the LDAP section of the tree list, add groups and members as necessary, including any workstations and/or containers.

For an LDAP filtering profile, the authorized administrator should specify categories to block, open, assign a warn filter setting, or white list. This administrator can also set up a redirect URL to be used in place of the standard block page, if the user attempts to access a site or service that has been blocked. Various filter options can be enabled. Quotas can be included for restricting category access within a set number of quota minutes.

Related Topics:

Back | Top



© Trustwave. All rights reserved.