Advice on the proxy possibilities available with different Amazon Kindle models.
Amazon Kindle devices are now being utilized more and more in education and work environments. As these devices require an Internet connection, the question soon follows: "How do I use the Kindle with Guardian?"
Kindle 4 and older devices do not support proxies, therefore cannot be filtered through Guardian.
Whilst the Kindle Keyboard and the latest Kindle device do have web browsers available (under the experimental options), there is no way to input proxy settings of any kind either manual or via
proxy.pac. The simplest answer is to not use a proxy for your Kindle. The only way you can direct a Kindle through the web proxy is to utilize transparency.
With Guardian, you can filter HTTP and HTTPS transparently. However, the Kindle does not support transparent HTTPS interception, requiring that all HTTPS connections must go direct to the Internet.
Connections from the Kindle to Amazon (for the downloading of books and shopping the Kindle store) occur over HTTPS port
443. As such, for the functionality that the Kindle was designed for, the use of a proxy is not recommended.
However Kindle Touch and Kindle Fire devices have greater functionality you can add proxy settings to the devices. Then configure a web filter policy in Guardian for the category Books.
Note: The Kindle device MUST be connected to your wireless network first.
- From the Kindle device, go into the Wireless menu (typically, found under Quick Settings).
- Tap and hold (long click) the network name the device is connected to.
- Go into Advanced Settings.
- Add the proxy details for the Smoothwall web filter.
- From the Smoothwall administration user interface, add the Books category to Web proxy > Authentication > Exceptions.
- Create a whitelist policy as:
- Who Unauthenticated IPs
- What Books
- Where Add the locations you wish it to apply to, or Everywhere
- When Add the times you wish it to apply at, or Always
- Action Whitelist
If you prefer not to add the whole Books category, you will need to undertake a traffic dumping and analysis exercise to identify the individual domains that your devices are accessing in order to add them to a Authentication Exception category.