Workflow Guide. Configuring Web Protection. For Customers with Sophos Firewall Document Date: November November 2015 Page 1 of 44

Transcription

1 Workflow Guide Configuring Web Protection For Customers with Sophos Firewall Document Date: November 2015 November 2015 Page 1 of 44

2 Contents Overview... 3 Implementing Web Anti Virus (Web AV)... 3 Use Case Use Case Use Case Use Case Use Case Implementing Application Control Use Case Use Case Use Case Implementing URL Filtering Use Case Use Case Use Case Use Case November 2015 Page 2 of 44

3 Overview Sophos Firewall (SF) provides complete protection over the web via its Web Protection Module which includes the features: Web Anti Virus (Web AV), URL Filtering and Application Control. Web AV: The Web AV enables malware scanning of all HTTP, HTTPS and FTP traffic. It also facilitates Safe Search, Pharming Protection and Caching. URL Filtering: URL Filtering or Web Filtering controls user's web access. It specifies which user has access to which sites and allows defining powerful security policies. Application Control: Application Control allows administrator to prioritize application access based on user identity, time, applications and bandwidth. Implementing Web Anti Virus (Web AV) The Web AV primarily scans all HTTP, HTTPS and FTP based traffic for malware. Any infected or suspicious files are dropped ensuring clean traffic in and out of the network. Some of the Use Cases for which Web AV is configured are: Use Case 1: Admin wants Dual AV Scanning for Maximum Security. Use Case 2: Configure Device to NOT scan files with size above 2048 KB. Use Case 3: Enable scanning of Audio and Video files. Use Case 4: Bypass Malware Scanning of traffic between IP Hosts and Use Case 5: Bypass HTTPS Scanning of Financial Services Web Category. Use Case 1 Requirement Admin wants Dual AV Scanning of Web Traffic for Maximum Security Prerequisites - Web Protection Module should be subscribed. - Applicable to Sophos UTM Models SG105 and above - Applicable to Cyberoam Models CR1000iNG and above Configuration In this case, we set the AV scanning method as Dual Scan and enable HTTP and HTTPS Scanning in relevant Security Policy(s). All configurations are to be done from Admin Console using Appliance Access Profile having read/write administrative rights over relevant features. Step 1: Enable Dual Anti-Virus Scanning Navigate to System > System Services > Web Content Filter and, under General Configuration, select Scanning as Dual Anti-Virus (Maximum Security). November 2015 Page 3 of 44

4 Click Apply to save settings. Step 2: Enable HTTP and HTTPS Scanning in relevant Security Policy Security Policies are security rule-sets to implement control over users, applications or network objects in an organization. Using Security Policies, you can create blanket or specialized traffic transit rules based on the requirement. Policies provide centralized management for the entire set of device security policies. Security Policies are based on two configurable templates to define the policy rules: 1. Business Application Rule 2. User/Network Rule You can implement Web Protection on the relevant User/Network Rule. Here, as an example, we have enabled scanning of HTTP and HTTPS traffic on a Rule. Navigate to Policies and select the relevant Rule. Click to edit the Rule. Under Malware Scanning section, enable Scan HTTP and Decrypt & Scan HTTPS by clicking the toggle switches. November 2015 Page 4 of 44

5 Click Save to save the settings. Use Case 2 Requirement Configure Device to NOT scan files with size above 2048 KB Prerequisites Web Protection Module should be subscribed. Configuration In this case, we set the threshold size of file scanning as 2048 KB and enable HTTP and HTTPS Scanning in relevant Security Policy(s). All configurations are to be done from Admin Console using Appliance Access Profile having read/write administrative rights over relevant features. Step 1: Set File Size Threshold as 2048 KB Navigate to System > System Services > Web Content Filter and, under HTTP/HTTPS Configurations, set File Size Threshold as 2048 KB. November 2015 Page 5 of 44

6 Click Apply to save settings. Step 2: Enable HTTP and HTTPS Scanning in relevant Security Policy Security Policies are security rule-sets to implement control over users, applications or network objects in an organization. Using Security Policies, you can create blanket or specialized traffic transit rules based on the requirement. Policies provide centralized management for the entire set of device security policies. Security Policies are based on two configurable templates to define the policy rules: 1. Business Application Rule 2. User/Network Rule You can implement Web Protection on the relevant User/Network Rule. Here, as an example, we have enabled scanning of HTTP and HTTPS traffic on a Rule. Navigate to Policies and select the relevant Rule. Click to edit the Rule. Under Malware Scanning section, enable Scan HTTP and Decrypt & Scan HTTPS by clicking the toggle switches. November 2015 Page 6 of 44

7 Click Save to save the settings. Use Case 3 Requirement Enable scanning of Audio and Video files. Prerequisites Web Protection Module should be subscribed. Configuration In this case, we enable audio and video scanning in Web Content Filter configuration and then enable HTTP and HTTPS Scanning in relevant Security Policy(s). All configurations are to be done from Admin Console using Appliance Access Profile having read/write administrative rights over relevant features. Step 1: Enable Audio and Video Scanning Navigate to System > System Services > Web Content Filter and, under HTTP/HTTPS Configurations, enable Audio & Video File Scanning. November 2015 Page 7 of 44

8 Click Apply to save settings. Step 2: Enable HTTP and HTTPS Scanning in relevant Security Policy Security Policies are security rule-sets to implement control over users, applications or network objects in an organization. Using Security Policies, you can create blanket or specialized traffic transit rules based on the requirement. Policies provide centralized management for the entire set of device security policies. Security Policies are based on two configurable templates to define the policy rules: 1. Business Application Rule 2. User/Network Rule You can implement Web Protection on the relevant User/Network Rule. Here, as an example, we have enabled scanning of HTTP and HTTPS traffic on a Rule. Navigate to Policies and select the relevant Rule. Click to edit the Rule. Under Malware Scanning section, enable Scan HTTP and Decrypt & Scan HTTPS by clicking the toggle switches. November 2015 Page 8 of 44

9 Click Save to save the settings. Use Case 4 Requirement Bypass Malware Scanning of traffic between IP Hosts and Prerequisites Web Protection Module should be subscribed. Configuration In this case, create relevant HTTP Scanning Rule and then enable HTTP and HTTPS Scanning in relevant Security Policy(s). All configurations are to be done from Admin Console using Appliance Access Profile having read/write administrative rights over relevant features. Step 1: Create HTTP Scanning Rule Navigate to System > System Services > Web Content Filter and click Add under HTTP Scanning Rule section. Specify details as shown in screen. November 2015 Page 9 of 44

10 Click Save to save the settings. Step 2: Enable HTTP and HTTPS Scanning in relevant Security Policy Security Policies are security rule-sets to implement control over users, applications or network objects in an organization. Using Security Policies, you can create blanket or specialized traffic transit rules based on the requirement. Policies provide centralized management for the entire set of device security policies. Security Policies are based on two configurable templates to define the policy rules: 1. Business Application Rule 2. User/Network Rule You can implement Web Protection on the relevant User/Network Rule. Here, as an example, we have enabled scanning of HTTP and HTTPS traffic on a Rule. Navigate to Policies and select the relevant Rule. Click to edit the Rule. Under Malware Scanning section, enable Scan HTTP and Decrypt & Scan HTTPS by clicking the toggle switches. November 2015 Page 10 of 44

11 Click Save to save the settings. Use Case 5 Requirement Bypass HTTPS Scanning of Financial Services Web Category. Prerequisites Web Protection Module should be subscribed. Configuration In this case, create relevant HTTPS Scanning Exception and then enable HTTP and HTTPS Scanning in relevant Security Policy(s). All configurations are to be done from Admin Console using Appliance Access Profile having read/write administrative rights over relevant features. Step 1: Create HTTPS Scanning Exceptions Navigate to System > System Services > Web Content Filter and click Add under HTTPS Scanning Exception section. Specify details as shown in screen. November 2015 Page 11 of 44

12 Click Save to save the settings. Step 2: Enable HTTP and HTTPS Scanning in relevant Security Policy Security Policies are security rule-sets to implement control over users, applications or network objects in an organization. Using Security Policies, you can create blanket or specialized traffic transit rules based on the requirement. Policies provide centralized management for the entire set of device security policies. Security Policies are based on two configurable templates to define the policy rules: 1. Business Application Rule 2. User/Network Rule You can implement Web Protection on the relevant User/Network Rule. Here, as an example, we have enabled scanning of HTTP and HTTPS traffic on a Rule. Navigate to Policies and select the relevant Rule. Click to edit the Rule. Under Malware Scanning section, enable Scan HTTP and Decrypt & Scan HTTPS by clicking the toggle switches. November 2015 Page 12 of 44

13 Click Save to save the settings. Implementing Application Control Application Control allows administrator to monitor and control user s application access. It specifies which user has access to which applications by configuring custom policies to define different levels of access for different users to meet organizations' requirements. SF employs a Proactive Protection Model in its Application Control by automatically categorizing any newly launched or upgraded application into the following groups. Category: Such as Streaming Media, P2P, Proxy and Tunneling, Social Networking, etc. Risk: Very Low, Low, Medium, High, Very High. Characteristics: Such as Loss of productivity, Excessive Bandwidth, Transfer Files, Vulnerabilities, etc. Technology: Browser Based, Client Server, P2P, Network Protocol. The administrator can simply create policies using categories given above without worrying about individual applications. This saves the administrator the hassle of updating application filter policies each time a new application is introduced in the market or an existing one is upgraded, in other words, each time a new application pattern is introduced. Some of the Use Cases for which Application Control is configured are: Use Case 1: Block access to P2P applications Use Case 2: Block access to all High Risk Applications Use Case 3: Allow FacebookGames for QA group only, while blocking all games for all others. Use Case 1 Requirement Block access to P2P applications. Prerequisite Web Protection Module should be subscribed. November 2015 Page 13 of 44

14 Configuration In this case, we create an Application Filter called BlockP2P, add relevant rules to the policy and implement the policy in the relevant Security Policy(s). All configurations are to be done from Admin Console using Appliance Access Profile having read/write administrative rights over relevant features. Step 1: Create App Filter Policy to block P2P Applications Navigate to Objects > Policies > Application Group and click Add to add an Application Filter Policy. Specify Name as BlockP2P and Template as Allow All. Click Save to create the policy. November 2015 Page 14 of 44

15 Note: Appliance is shipped with the following predefined policies for applications: Allow All and Deny All. These two predefined policies are immediately available for use until configured otherwise. You can also define custom policies to define different levels of access for different users to meet your organization s requirements. Step 2: Add Rules to Policy Select BlockP2P policy created in step 1 and click Add to add rules in the policy according to parameters given below. November 2015 Page 15 of 44

16 Parameters Value Description Application Filter Criteria Category: P2P Select the category of applications that are to be selected List of Matching Applications Select All Based on the Application Filter Criteria, applications are listed. Application <All P2P Applications> Select one or more applications to be blocked. Action Deny Select the Action: Allow OR Deny. Schedule All the time Select the Schedule from the list of Schedules available Click Save to add rule to BlockP2P policy. November 2015 Page 16 of 44

17 Click Save to save the policy. Step 3: Apply App Filter Policy to relevant Security Policy Security Policies are security rule-sets to implement control over users, applications or network objects in an organization. Using Security Policies, you can create blanket or specialized traffic transit rules based on the requirement. Policies provide centralized management for the entire set of device security policies. Security Policies are based on two configurable templates to define the policy rules: 1. Business Application Rule 2. User/Network Rule You can implement Web Protection on the relevant User/Network Rule. Here, as an example, we have applied the App Filter Policy created in step 1 to User Application policy for Marketing Department of an organization. Navigate to Policies and select the relevant Rule. Click to edit the Rule. Under Policy for User Applications, select App Filter as BlockP2P, as shown below. November 2015 Page 17 of 44

18 Use Case 2 Requirement Block access to all high risk applications. Prerequisite Web Protection Module should be subscribed. Configuration In this case, we create an Application Filter called BlockHighRisk, add relevant rules to the policy and implement the policy in the relevant Security Policy(s). All configurations are to be done from Admin Console using Appliance Access Profile having read/write administrative rights over relevant features. Step 1: Create App Filter Policy to block P2P Applications Navigate to Objects > Policies > Application Group and click Add to add an Application Filter Policy. Specify Name as BlockHighRisk and Template as Allow All. November 2015 Page 18 of 44

19 Click Save to create the policy. Note: Appliance is shipped with the following predefined policies for applications: Allow All and Deny All. These two predefined policies are immediately available for use until configured otherwise. You can also define custom policies to define different levels of access for different users to meet your organization s requirements. Step 2: Add Rules to Policy Select BlockHighRisk policy created in step 1 and click Add to add rules in the policy according to parameters given below. November 2015 Page 19 of 44

20 Parameters Value Description Application Filter Criteria Risk: 4-High & 5-Very high Select the category of applications that are to be selected List of Matching Applications Select All Based on the Application Filter Criteria, applications are listed. Application <P2P Applications> Select one or more applications to be blocked. Action Deny Select the Action: Allow OR Deny. Schedule All the time Select the Schedule from the list of Schedules available November 2015 Page 20 of 44

21 Click Save to add rule to BlockHighRisk policy. Step 3: Apply App Filter Policy to relevant Security Policy Security Policies are security rule-sets to implement control over users, applications or network objects in an organization. Using Security Policies, you can create blanket or specialized traffic transit rules based on the requirement. Policies provide centralized management for the entire set of device security policies. Security Policies are based on two configurable templates to define the policy rules: 1. Business Application Rule 2. User/Network Rule You can implement Web Protection on the relevant User/Network Rule. Here, as an example, we have applied the App Filter Policy created in step 1 to User Application policy for Marketing Department of an organization. Navigate to Policies and select the relevant Rule. Click to edit the Rule. Under Policy for User Applications, select App Filter as BlockHighRisk, as shown below. November 2015 Page 21 of 44

22 Use Case 3 Requirement Allow FacebookGames for QA group only, while blocking all games for all others. Prerequisite Web Protection Module should be subscribed. Configuration In this case, we create a Web Filter Policy to block all Games websites and an Application Filter Policy to allow Facebook Games. We create a Security Policy to apply the Web Filter Policy on all traffic. We create another Security Policy to apply App Filter Policy only on QA Group. Place the QA policy above the general policy. All configurations are to be done from Admin Console using Appliance Access Profile having read/write administrative rights over relevant features. Step 1: Create a Web Filter Policy to block all Games Refer to Use Case 1 of Implementing URL Filtering section for instructions on this. Step 2: Create App Filter Policy to allow Facebook games Navigate to Objects > Policies > Application Group and click Add to add an Application Filter Policy. Specify Name as AllowFBGames and Template as Allow All. November 2015 Page 22 of 44

23 Click Save to create the policy. Note: Appliance is shipped with the following predefined policies for applications: Allow All and Deny All. These two predefined policies are immediately available for use until configured otherwise. You can also define custom policies to define different levels of access for different users to meet your organization s requirements. Step 3: Add Rules to Policy Select AllowFBGames policy created in step 1 and click Add to add rules in the policy according to parameters given below. November 2015 Page 23 of 44

24 Parameters Value Description List of Matching Applications Select Individual Application: Facebook Based on the Application Filter Criteria, applications are listed. Application Facebook Games Select one or more applications to be blocked. Action Allow Select the Action: Allow OR Deny. Schedule All the time Select the Schedule from the list of Schedules available November 2015 Page 24 of 44

25 Click Save to add rule to AllowFBGames policy. November 2015 Page 25 of 44

26 Click Save to save the policy. Step 4: Create Relevant Security Policies Security Policies are security rule-sets to implement control over users, applications or network objects in an organization. Using Security Policies, you can create blanket or specialized traffic transit rules based on the requirement. Policies provide centralized management for the entire set of device security policies. Security Policies are based on two configurable templates to define the policy rules: 1. Business Application Rule 2. User/Network Rule You can implement Web Protection on the relevant User/Network Rule. Here, as an example, we have applied the Web Filter and App Filter Policy created in step 1 and 2 respectively to the Rule. Navigate to Policies and click +Add Firewall Rule followed by User/Network Rule. Create a Rule BlockGamesForAll with Source Zone as LAN and Destination Zone as WAN. Apply the Web Filter Policy to this Rule. Create a LAN to WAN Rule AllowFBGamesForQA with Identity enabled and selected as QA Group. Apply the Application Filter Policy to this Rule. Make sure AllowFBGamesforQA is above BlockGamesForAll. November 2015 Page 26 of 44

27 Implementing URL Filtering URL Filtering or Web Filtering allows you to control Internet access of users or groups of users. Using these policies, you can block or allow specific URLs or an entire category of websites. The SF Web Categorization Database contains millions of websites grouped into categories like Games, Personals & Dating, CriminalActivity, etc. Allowing or blocking any particular category allows/blocks all websites falling under that particular category. This reduces the effort on part of the administrator to create policies for each individual website. Some of the Use Cases for which URL Filtering is configured are: Use Case 1: Block access to "Games" Web Category Use Case 2: Block only and from Social Networking Category Use Case 3: Block all websites of "JobSearch" category except of Use Case 4: Allow access to all Social Networking websites with exception of upload/download of Images and Videos. Use Case 1 Requirement Block access to "Games" Web Category. Prerequisite Web Protection Module should be subscribed. Configuration In this case, we create a Web Filter Policy called "Games', add relevant rules to the policy and implement the policy in the relevant Security Policy(s). All configurations are to be done from Admin Console using Appliance Access Profile having read/write administrative rights over relevant features. November 2015 Page 27 of 44

28 Step 1: Create Web Filter Policy to deny Games default web category Navigate to Objects > Policies > Web Filter and click Add to add a Web Filter Policy. Specify Name as Block_Games and Template as Allow All. Click Add to add the Rules. Specify the Rule as per parameters given below. November 2015 Page 28 of 44

29 Click Add to add the Rule. Parameters Value Description Category Type Web Category Category Type for which rule is to be added. Category Games Category for which rule is to be added. Multiple categories can also be selected. HTTP Action Deny Action for HTTP traffic. HTTPS Action Deny Action for HTTPS traffic. Schedule All the Time Access to the Games category will be denied completely. November 2015 Page 29 of 44

30 Click Save to save the policy. Step 2: Apply Web Filter Policy to relevant Security Policy Security Policies are security rule-sets to implement control over users, applications or network objects in an organization. Using Security Policies, you can create blanket or specialized traffic transit rules based on the requirement. Policies provide centralized management for the entire set of device security policies. Security Policies are based on two configurable templates to define the policy rules: 1. Business Application Rule 2. User/Network Rule You can implement Web Protection on the relevant User/Network Rule. Here, as an example, we have applied the Web Filter Policy created in step 1 to Rule for Marketing Department of an organization. Navigate to Policies and select the relevant User/Network Rule. Click to edit the Rule. November 2015 Page 30 of 44

31 Under Policy for User Applications, select Web Filter as Block_Games, as shown below. Use Case 2 Requirement Block only and from Social Networking Category. Configuration In this case, we create a Custom Web Category to include and create corresponding Web Filter Policy, add relevant rules to the policy and implement the policy in the relevant Security Policy(s). All configurations are to be done from Admin Console using Appliance Access Profile having read/write administrative rights over relevant features. Step 1: Create Custom Web Category Navigate to Objects > Content > Custom Web Category and click Add to create a new category. Include Domains and as shown below. November 2015 Page 31 of 44

32 Step 2: Create Web Filter Policy to deny "FacebookandTwitter" custom web category Navigate to Objects > Policies > Web Filter and click Add to add a Web Filter Policy. Specify Name as Block_FacebookAndTwitter and Template as Allow All. Click Add to add the Rules. November 2015 Page 32 of 44

33 Specify the Rule as per parameters given below. Parameters Value Description Category Type Web Category Category Type for which rule is to be added. Category FacebookAndTwitter Category for which rule is to be added. Multiple categories can also be selected. HTTP Action Deny Action for HTTP traffic. HTTPS Action Deny Action for HTTPS traffic. Schedule All the Time Access to the Games category will be denied completely. November 2015 Page 33 of 44

34 Click Add to add the Rule. Click Save to save the policy. November 2015 Page 34 of 44

35 Step 3: Apply Web Filter Policy to a User/Network Rule Security Policies are security rule-sets to implement control over users, applications or network objects in an organization. Using Security Policies, you can create blanket or specialized traffic transit rules based on the requirement. Policies provide centralized management for the entire set of device security policies. Security Policies are based on two configurable templates to define the policy rules: 1. Business Application Rule 2. User/Network Rule You can implement Web Protection on the relevant User/Network Rule. Here, as an example, we have applied the Web Filter Policy created in step 1 to Rule for Marketing Department of an organization. Navigate to Policies and select the relevant User/Network Rule. Click to edit the Rule. Under Policy for User Applications, select Web Filter as Block_FacebookAndTwitter, as shown below. Use Case 3 Requirement Block all websites of "JobSearch" category except of Prerequisite Web Protection Module should be subscribed. Configuration In this case, we create a Custom Web Category to which contains create corresponding Web Filter Policy, add Two (2) rules to the policy (1 to block JobSearch category and 2 to November 2015 Page 35 of 44

36 allow custom category for and implement the policy in the relevant Security Policy(s). All configurations are to be done from Admin Console using Appliance Access Profile having read/write administrative rights over relevant features. Step 1: Create Custom Web Category Navigate to Objects > Content > Custom Web Category and click Add to create a new category. Include Domain as shown below. Step 2: Create Web Filter Policy Navigate to Objects > Policies > Web Filter and click Add to add a Web Filter Policy. Specify Name as BlockJobSearchExceptMonster and Template as Allow All. Click Add to add the Rules. November 2015 Page 36 of 44

37 Rule 1: To block JobSearch Category Specify the Rule as per parameters given below. Parameters Value Description Category Type Web Category Category Type for which rule is to be added. Category JobSearch Category for which rule is to be added. Multiple categories can also be selected. HTTP Action Deny Action for HTTP traffic. HTTPS Action Deny Action for HTTPS traffic. Schedule All the Time Access to the Games category will be denied completely. November 2015 Page 37 of 44

38 Click Add to add the Rule. Rule 2: To allow only or "Monster" Web Category Specify the Rule as per parameters given below. Parameters Value Description Category Type Web Category Category Type for which rule is to be added. Category Monster Category for which rule is to be added. Multiple categories can also be selected. HTTP Action Allow Action for HTTP traffic. HTTPS Action Allow Action for HTTPS traffic. Schedule All the Time Access to the Games category will be denied completely. November 2015 Page 38 of 44

39 Click Add to add the Rule. Click Save to save the policy. November 2015 Page 39 of 44

40 Step 3: Apply Web Filter Policy to a User Application Policy Security Policies are security rule-sets to implement control over users, applications or network objects in an organization. Using Security Policies, you can create blanket or specialized traffic transit rules based on the requirement. Policies provide centralized management for the entire set of device security policies. Security Policies are based on two configurable templates to define the policy rules: 1. Business Application Rule 2. User/Network Rule You can implement Web Protection on the relevant User/Network Rule. Here, as an example, we have applied the Web Filter Policy created in step 1 to Rule for Marketing Department of an organization. Navigate to Policies and select the relevant User/Network Rule. Click to edit the Rule. Under Policy for User Applications, select Web Filter as BlockJobSearchExceptMonster, as shown below. Use Case 4 Requirement Allow access to all Social Networking websites with exception of upload/download of Images and Videos. Prerequisite Web Protection Module should be subscribed. Configuration In this case, we create a Web Filter Policy, add rule to the policy to allow "SocialNetworking" but with exception that Audio and Video files be blocked, and implement the policy in the relevant Security Policy(s). November 2015 Page 40 of 44

41 All configurations are to be done from Admin Console using Appliance Access Profile having read/write administrative rights over relevant features. Step 1: Create Web Filter Policy Navigate to Objects > Policies > Web Filter and click Add to add a Web Filter Policy. Specify Name as Block_ImagesVideos and Template as Allow All. Click Add to add the Rules. Specify the Rule as per parameters given below. November 2015 Page 41 of 44

42 Parameters Value Description Category Type Web Category Category Type for which rule is to be added. Category Social Networking Category for which rule is to be added. Multiple categories can also be selected. HTTP Action Allow Action for HTTP traffic. HTTPS Action Allow Action for HTTPS traffic. Click to add the file type category exception rule for a selected category type and select file type category. Exception: File Type Category Image Files, Video Files For Example: If you want to allow Sport category and deny video file from the Sport category then specify Allow action for Sport category and add Video File in Exception list. Schedule All the Time You can define exception only for Web Category and URL Group. At all times, access to the SocialNetworking" category is accessible but Audio and Video files cannot be downloaded. Click Add to add the Rule. November 2015 Page 42 of 44

43 Click Save to save the policy. Step 2: Apply Web Filter Policy to a User/Network Rule Security Policies are security rule-sets to implement control over users, applications or network objects in an organization. Using Security Policies, you can create blanket or specialized traffic transit rules based on the requirement. Policies provide centralized management for the entire set of device security policies. Security Policies are based on two configurable templates to define the policy rules: 1. Business Application Rule 2. User/Network Rule You can implement Web Protection on the relevant User/Network Rule. Here, as an example, we have applied the Web Filter Policy created in step 1 to Rule for Marketing Department of an organization. Navigate to Policies and select the relevant User/Network Rule. Click to edit the Rule. Under Policy for User Applications, select Web Filter as Block_ImagesVideos, as shown below. November 2015 Page 43 of 44

44 November 2015 Page 44 of 44