Downloading and Configuring WebFilter



Similar documents
ProxySG TechBrief Downloading & Configuring Web Filter

Reverse Proxy with SSL - ProxySG Technical Brief

LDAP Authentication and Authorization

ProxySG TechBrief Implementing a Reverse Proxy

HTTPS HTTP. ProxySG Web Server. Client. ProxySG TechBrief Reverse Proxy with SSL. 1 Technical Brief

Implementing Exception Pages

ProxySG TechBrief Enabling Transparent Authentication

ProxySG TechBrief LDAP Authentication with the ProxySG

ProxySG ICAP Integration

Blue Coat Security First Steps Solution for Controlling HTTPS

Blue Coat Security First Steps Solution for Controlling Web Applications

Blue Coat Security First Steps Transparent Proxy Deployments

Threat Containment for Facebook

Blue Coat WebFilter >

Blue Coat Security First Steps Solution for Integrating Authentication Using LDAP

Best Practices for Controlling Skype within the Enterprise. Whitepaper

Blue Coat Security First Steps Solution for Integrating Authentication

Blue Coat Security First Steps Solution for Deploying an Explicit Proxy

Blue Coat Security First Steps. Solution for HTTP Object Caching

Wavecrest Certificate

Sophos Anti-Virus standalone startup guide. For Windows and Mac OS X

How to Configure a Secure Connection to Microsoft SQL Server

Best Practices for Controlling Skype within the Enterprise > White Paper

Blue Coat Security First Steps Solution for Streaming Media

Secure Web Gateways Buyer s Guide >

AG MacOS Standalone Array Client Administration Guide

ez Agent Administrator s Guide

Masters Project Proxy SG

Blue Coat Security First Steps Solution for Recording and Reporting Employee Web Activity

Sophos Anti-Virus for NetApp Storage Systems startup guide

Reverse Proxy Deployment Guide

SECURE ICAP Gateway. Blue Coat Implementation Guide. Technical note. Version /12/13. Product Information. Version & Platform SGOS 6.

Sophos Anti-Virus for NetApp Storage Systems startup guide. Runs on Windows 2000 and later

Blue Coat Systems. Client Manager Redundancy for ProxyClient Deployments

Table of Contents. Chapter 1: Installing Endpoint Application Control. Chapter 2: Getting Support. Index

Protecting Your Network Against Risky SSL Traffic ABSTRACT

SSL Proxy Deployment Guide

The Benefits of SSL Content Inspection ABSTRACT

Blue Coat Systems. Reference Guide. SSL Proxy. For SGOS 5.5.x and later

Astaro Security Gateway V8. Remote Access via L2TP over IPSec Configuring ASG and Client


Deploying the SSL Proxy

Proxy Forwarding Access Method

FTP Server Configuration

Proxy Forwarding Access Method

Extending Threat Protection and Control to Mobile Workers with Cloud-Based Security Services > White Paper

Blue Coat WebPulse TM >

CONFIGURING AND USING WEBDAV IN LENOVO EMC LIFELINE

RSA Security Analytics

Contact Information. Document Number: Document Revision: SSL Proxy Deployment Guide SGOS 5.1.4

Malware Prevention with Blue Coat Proxies

SETUP SSL IN SHAREPOINT 2013 (USING SELF-SIGNED CERTIFICATE)

SSL SSL VPN

Integrated Citrix Servers

If the Domain Controller is running Windows Server 2003, it is strongly advised that the Group Policy Management tool is installed.

Executive Summary. What is Authentication, Authorization, and Accounting? Why should I perform Authentication, Authorization, and Accounting?

Astaro Security Gateway V8. Remote Access via SSL Configuring ASG and Client

Content Analysis System Guide

Setting Up SSL on IIS6 for MEGA Advisor

DIGIPASS Authentication for Cisco ASA 5500 Series

MadCap Software. Upgrading Guide. Pulse

Installation Guide Supplement

User Guide. You will be presented with a login screen which will ask you for your username and password.

Active Directory Integration with Blue Coat

SafeNet Authentication Service

Velocity Web Services Client 1.0 Installation Guide and Release Notes

SSL Interception on Proxy SG

This presentation covers virtual application shared services supplied with IBM Workload Deployer version 3.1.

Salesforce Integration

ECA IIS Instructions. January 2005

If you have questions or find errors in the guide, please, contact us under the following address:

Setting up Citrix XenServer for 2X VirtualDesktopServer Manual

Integrating the ProxySG and ProxyAV Appliances. For SGOS 6.5 and later and AVOS 3.5 and later

Sophos Endpoint Security and Control standalone startup guide

Burst Technology. bt-webfilter User Guide

Blue Coat Systems. Reference Guide. SSL Proxy. For SGOS 5.3.1

Application Note. Configuring McAfee Firewall Enterprise for McAfee Web Protection Service

Cloud Tools Reference Guide. Version: GA

Customer Tips. Configuring Color Access on the WorkCentre 7328/7335/7345 using Windows Active Directory. for the user. Overview

User Manual. Onsight Management Suite Version 5.1. Another Innovation by Librestream

Sophos for Microsoft SharePoint startup guide

BlackShield ID Agent for Remote Web Workplace

Lab Testing Detailed Report DR January Competitive Testing of Web Security Devices

QUICK START GUIDE. Cisco S170 Web Security Appliance. Web Security Appliance

Copyright 2012 Trend Micro Incorporated. All rights reserved.

How do I set up a branch office VPN tunnel with the Management Server?

Endpoint web control overview guide. Sophos Web Appliance Sophos Enterprise Console Sophos Endpoint Security and Control

Virtual Owl. Guide for Windows. University Information Technology Services. Training, Outreach, Learning Technologies & Video Production

Decryption. Palo Alto Networks. PAN-OS Administrator s Guide Version 6.0. Copyright Palo Alto Networks

Windows Server Update Services 3.0 SP2 Step By Step Guide

Cisco AnyConnect Secure Mobility Solution Guide

Configuring SonicWALL TSA on Citrix and Terminal Services Servers

Policy Guide. Version 6.8.2/Doc Revision: 10/23/15

Quick Start 5: Introducing and configuring Websense Cloud Web Security solution

Dell SupportAssist Version 2.0 for Dell OpenManage Essentials Quick Start Guide

Configuring IBM Cognos Controller 8 to use Single Sign- On

MultiSite Manager. Setup Guide

How to Connect SSTP VPN from Windows Server 2008/Vista to Vigor2950

Preparing Your Server for an MDsuite Installation

Installing and Configuring vcloud Connector

Transcription:

Downloading and Configuring WebFilter What is URL Filtering? URL filtering is a type of transaction content filtering that limits a user s Web site access through a policy that is associated with a specific URL or URL topic category. URL filtering running on a ProxySG (On-Proxy) provides performance and policy extensions not found with a standalone URL solution. Because the Internet is ever changing, the Blue Coat ProxySG periodically downloads updates from the master WebFilter database so that your policy can incorporate new and updated sites. Plus WebFilter provides a real-time rating service for newly published web sites, providing an on the fly service not seen with other solutions. Why Enable URL Filtering? Companies cannot ignore the loss of productivity and the liability associated with unmanaged Web surfing. The ProxySG offers the capability to control access to undesirable sites on a category basis. More than 69 categories enable security administrators to deploy a consistent Web access policy. The entire WebFilter database can be loaded onto the ProxySG appliance to offer optimized performance. URL filtering also provides an additional defense layer against malware that can be downloaded to a user s system simply by opening a Web site (drive-by installation). By denying known-bad URLs, and enabling automatic updates of new known-bad URLs, drive-by installations of malware can be thwarted. WebFilter accomplishes this by using a honey grid of systems with multiple threat detection techniques to review every user request for hidden malware sources and determine reputations. The honey grid is called WebPulse and this cloud computing service contains the WebFilter master database, the Dynamic Real-Time Rating (DRTR) service, plus the Dynamic Background Rating (DBR) for threat detection, deep content inspection and reputation analysis. Besides ProxySG, the benefits of WebFilter for URL filtering and malware host blocking from WebPulse threat detections are available on ProxyClient to remote users. As a client agent, all user requests access the cloud WebFilter database and real-time rating service. This provides central policy management to remote users for URL filtering that includes malware host blocking from WebPulse grid detections. Configuring WebFilter URL Content Filtering There are four parts to implementing the WebFilter database on ProxySG: 1 Obtain the Blue Coat WebFilter License 2 Enable Content Filtering on the ProxySG 3 Configure Policy for WebFilter Categories using the Visual Policy Manager Note: The HTTP proxy service Action option must be set to Intercept in order for the policy to work. To do this, use the Configuration > Services > Proxy Services page of the Management Console and modify the HTTP service as needed. Note: To launch the VPM, go to Configuration > Policy > Visual Policy Manager and click Launch.

About the Default Proxy Policy On the Management Console Configuration > Policy > Policy Options page you can set the default policy option to Deny or Allow. The two options provide two different approaches: A default proxy transaction policy of Deny prohibits proxy-type access through the ProxySG appliance; instead, you must create policies to explicitly grant access on a case-by-case basis. A default proxy transaction policy of Allow permits most proxy transactions. If your policy is set to Allow, you must create policies to explicitly deny access on a case-by-case basis. Please note: if protocol detection is enabled (the default), HTTP CONNECT transactions are only allowed if they are tunneling SSL; if protocol detection is disabled, HTTP CONNECT is only allowed on port 443. This document assumes the Allow default proxy policy; in task four you select URL categories to deny. If your default proxy policy is Deny, you would, instead, select URL categories to allow, and all others would, by default, be denied. For more information on developing effective policies, see the Policy Best Practices tech brief. Part 1 Obtain the Blue Coat WebFilter License Blue Coat WebFilter URL content filtering requires a purchased license for use of its database. For evaluation purposes you can receive a free 60-day license. Use the Blue Coat Systems Contact Request page to begin the evaluation process. Part 2 Enable Content Filtering on the ProxySG To enable content filtering using the Blue Coat ProxySG Management Console: 1 Go to Content Filtering > General. Select Blue Coat WebFilter in the Providers area and click Apply. Click OK to close the confirmation box.

2 Go to Content Filtering > Blue Coat Web Filter. Enter your username and password as supplied by Blue Coat and click Apply. Click OK to close the confirmation box. 3 Click Download now. A status box displays. Click Close to dismiss the box. Downloading the database takes a few minutes. Once complete, a new option, Blue Coat, displays in the Visual Policy Manager as an Add Request URL Category Object option (configured in Part 3, below).

4 (Optional) Automatic update checks 24 hours a day are enabled by default. To configure a specific time span for automatic checks: On the Blue Coat Web Filter page select the Only between the hours of option and select the hours between which you want update checks to happen. Click Apply to save the changes. Click OK to close the confirmation box. Part 3 Configure Policy for Web Filter Categories Configure policy for Web Filter categories using Visual Policy Manager (VPM): 1 Begin by right-clicking Policy and adding a Web Access Layer OR add a new rule under any previously defined Web Access Layer by clicking Add Rule. 2 Right-click the Destination setting and select Set. The Set Destination dialog displays.

3 Click New and select Request URL Category. The Add Request URL Category object dialog displays. Name the object RequestURLCategory_BlueCoat; for example. 4 Open the Blue Coat tree to display category listings. Select the Adult/Mature Content, Gambling, and Sports/Recreation categories to test this policy. 5 Click OK to add the Request URL Category object and dismiss the dialog. The Set Destination Object dialog re-displays. 6 Click OK to set the new object and dismiss the dialog. Click Install Policy to finish. Click OK to dismiss the confirmation box.

Testing Your Configuration To test your configuration, simply open your browser and type in a category-related URL; for example, www.sportsillustrated.com. You can also test sites in the other categories as well. If you have configured the policy correctly, the Blue Coat policy denies you access to any site that is part of a restricted category; a page like the one shown below displays. Note: You can modify the error message shown below with a custom exception page. See the Blue Coat Tech Brief Implementing Exception Pages for details. Conclusion The Blue Coat ProxySG supports numerous vendors to run URL filtering On-Proxy. The ProxySG supports automatic downloads of the WebFilter database, and integrates the database with powerful policy functionality. By establishing a URL filtering policy, productivity issues and malware prevention can be addressed. Blue Coat Systems, Inc. 1.866.30.BCOAT // +1.408.220.2200 Direct // +1.408.220.2250 Fax // www.bluecoat.com Copyright 2008 Blue Coat Systems, Inc. All rights reserved worldwide. No part of this document may be reproduced by any means nor translated to any electronic medium without the written consent of Blue Coat Systems, Inc. Specifications are subject to change without notice. Information contained in this document is believed to be accurate and reliable, however, Blue Coat Systems, Inc. assumes no responsibility for its use, Blue Coat is a registered trademark of Blue Coat Systems, Inc. in the U.S. and worldwide. All other trademarks mentioned in this document are the property of their respective owners. v.tb-download_configure_webfilter-v1-0708

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information