Setting
up Groups:
When
setting up groups, follow these procedures:
1.
Enter ranges of IP addresses in the Range to Detect window.
Enter service ports numbers that should be ignored (left open).
NOTE:
If using the firewall mode, IP address ranges should not be entered
for IP groups.
2.
Create rules in the Rules
window.
3.
Set up the global (default)
filtering profile to be used by all users, unless they belong
to a group that has a filtering profile applied, or have their own
filtering profile. The global filtering profile includes categories
to be blocked, opened, assigned a warn setting, or white listed;
ports to be blocked, and the Redirect URL to use if a user
attempts to access a site or service that is blocked. Various filter
options can be enabled. Quotas can be set up in passed categories
to limit access to a set number of quota minutes.
4.
Establish the minimum filtering
level that will be used in conjunction with the user's filtering
profile. The minimum filtering level includes categories to block
or leave open, ports to block, and options for IP group users to
bypass these settings.
NOTE:
Any user with an override
account set up by the global administrator can access content
blocked by the minimum filtering level for other users. For IP group
users, the minimum filtering level can be bypassed if exception
URLs are set up for a user's group, and/or if an override
account is set up for an IP group user by the group administrator,
and the global administrator has set exception URLs and/or override
accounts to bypass the minimum filtering level.
5.
If using IP addresses to identify users on the network, set
up IP groups, and have group administrator set up IP sub-groups
and individual IP members.
For
IP group filtering profiles, the group administrator should specify
categories to block, open, assign a warn filter setting, or white
list. The group administrator can also set up a custom redirect
URL or specify the Authentication Request Form to be used in place
of the standard block page, if users attempt to access a site or
service that has been blocked. Various filter options can be enabled.
Additionally, the group administrator can create an override account
for a specified user, giving that user access to blocked sites and
services.
If
using the mobile mode in Web Filter software version 4.x.xx to filter
end users on mobile workstations located outside of the organization's
building, MAC addresses of end user workstations are used instead
of IP addresses. (See Operational
Modes > Mobile Mode and File
Format and Rules > IP Profiles for more information on the
mobile mode.)
6.
If using authentication for LDAP domains, enter authentication
settings in authentication windows.
In
the LDAP section of the tree list, add groups
and members as necessary,
including any workstations and/or containers.
For
an LDAP filtering profile, the authorized administrator should specify
categories to block, open, assign a warn filter setting, or white
list. This administrator can also set up a redirect URL to be used
in place of the standard block page, if the user attempts to access
a site or service that has been blocked. Various filter options
can be enabled. Quotas can be included for restricting category
access within a set number of quota minutes.
Related
Topics:
Back
| Top
|