This article applies to organisations with a 'Hybrid' setup (both On-Premise Appliance and Cloud), as well as On-Premise only and Cloud only setups.
Smoothwall’s Web Filtering functionality allows you to block or allow access to different web content.
If you have a Hybrid setup (both Cloud and On-Premise Appliance), you can manage your Custom Categories and Web Filter Policies in either place.
On-Premise Appliance
There are two ways to manage blocked and allowed content using the On-Premise Appliance. You can use the Quick block/allow feature, or create new policies.
Tip
Before creating a new policy, check if the URL is already included in an existing category used in one of your policies.
Quick block/allow
Smoothwall On-Premise Appliance has two built-in categories, Custom Blocked Content and Custom Allowed Content. You can use these to quickly allow or block a URL or domain with the Quick Block/Allow tool.
- Go to Guardian > Quick Links > Quick Block/Allow.
- Enter the URL or domain, then select Block or Allow.
- You can select the "Custom blocked content" or "Custom allowed content" links to open a new tab for the Guardian > Policy Objects > Categories page, where you can see the URL or domain added to the category.
Create a new policy
Go to Guardian > Web Filter > Policy wizard, or go to Guardian > Web Filter > Manage Policies and select Create a new policy.
Select either:
- Global policy, cannot be overwritten
- Global policy, can be overwritten
- A specific Tenant
Work through each section from the top of the page to the bottom. Manage the items in your policy by selecting Add or Remove. Select Next or the down arrow to expand each step.
- In the Who section, select who the policy applies to. Select either:
- Everyone to apply to all users
- One or more User Groups
- The single user icon and enter a username (not available in Cloud Filter)
- In the What section, select the type of content to be actioned by the policy. Select either:
Important: To prevent issues with the policy not applying or (if applied to Everything), having unintended effects, you must make sure your policies are targeted to the right thing. Check what to target using the Categories and Content Modifications lists.
- In the Where section, select where the policy should apply. Select either:
- Everywhere
- One or more network locations (IP or range of IPs)
- In the When section, select when the policy should apply from your list of Time slots.
- Use the Action selector to choose how the policy should work:
- Block: Deny access to the content defined in the What field.
- Allow: Permit access to the content defined in the What field.
-
Do Not Filter (not available in Cloud Filter): Permit completely unfiltered access by removing HTTPS Inspection and any Content Modifications.
Important: Using this action on the 'Search Engines' category, or any custom category containing search engines (google.com, etc) will remove the Search Term Filtering functionality for that site and compromises content filtering in search engines.
- Soft Block (not available in Cloud Filter): Initially deny access but provide an option to proceed to the site - useful for cautionary notices, such as Terms of Use or Fair Use Policies.
- Limit to Quota (not available in Cloud Filter): Permit access to the content defined in the What field only for a limited time, then deny after this time is reached until the quota is renewed.
Make sure Enable policy is selected.
Select Confirm.
On the next page, select Save.
Go to Guardian > Web Filter > Manage Policies to see the new policy at the bottom of the policy table.
Manage Policy folders
Policy folders can help you organise policies, such as for grouping policies by User Group. Anything entered into the Who, What, Where, When, and Action fields of the Policy folder will apply to the policies created within that Policy folder.
Important
- You can’t move existing policies into folders, so you would need to delete any existing policies, then recreate them within the folder.
- You can’t create sub-folders within folders.
Create a Policy folder
- Go to Guardian > Web Filter > Policy wizard, or go to Guardian > Web Filter > Manage Policies and select Create a new policy.
- Fill in or leave blank the Who, What, Where and When fields as required. You should set at least one of the Who, What, Where or When fields, because this is required to be able to sync your setup to Cloud Filter. If you do not do this, you can enable or disable the policy in Cloud Filter, but any amendments to the fields can only be made in your On-Premise Appliance.
- Select Create policy folder as the Action.
- Ensure the Enable policy checkbox is selected.
- Select Confirm.
- On the next page, select Save.
Add policies to the folder
- Go to Guardian > Web Filter > Manage Policies.
- Select the file icon.
- Fill out the Who, What, Where, When, and Action as required. Any fields set for the Policy folder will apply and can’t be edited.
- Ensure the Enable policy checkbox is selected.
- Select Confirm.
- On the next page, select Save.
Cloud Filter
Tip
Right-click over a policy or folder to Expand or Collapse the editor for all policies and folders.
Create a new policy
Go to Filter > Policies.
Select what policy type to create and select Add policy in that section.
Add a name for the policy.
- In the Who section, select who the policy applies to. Select either:
- Everyone to apply to all users
- One or more User Groups
- The single user icon and enter a username (not available in Cloud Filter)
- In the What section, select the type of content to be actioned by the policy. Select either:
Important: To prevent issues with the policy not applying or (if applied to Everything), having unintended effects, you must make sure your policies are targeted to the right thing. Check what to target using the Categories and Content Modifications lists.
- In the Where section, select where the policy should apply. Select either:
- Everywhere
- One or more network locations (IP or range of IPs)
- In the When section, select when the policy should apply from your list of Time slots.
- Use the Action selector to choose how the policy should work:
- Block: Deny access to the content defined in the What field.
- Allow: Permit access to the content defined in the What field.
-
Do Not Filter (not available in Cloud Filter): Permit completely unfiltered access by removing HTTPS Inspection and any Content Modifications.
Important: Using this action on the 'Search Engines' category, or any custom category containing search engines (google.com, etc) will remove the Search Term Filtering functionality for that site and compromises content filtering in search engines.
- Soft Block (not available in Cloud Filter): Initially deny access but provide an option to proceed to the site - useful for cautionary notices, such as Terms of Use or Fair Use Policies.
- Limit to Quota (not available in Cloud Filter): Permit access to the content defined in the What field only for a limited time, then deny after this time is reached until the quota is renewed.
Ensure the Status is set to Enabled.
Select +Add policy.
Go to Filter > Publishing and select Publish.
Manage Policy folders
Policy folders can help you organise policies, such as for grouping policies by User Group. Anything entered into the Who, What, Where, When, and Action fields of the Policy folder will apply to the policies created within that Policy folder.
Important
- You can’t move existing policies into folders, so you would need to delete any existing policies, then recreate them within the folder.
- You can’t create sub-folders within folders.
Create a Policy folder
- Go to Filter > Policies.
- Select Add folder.
- Enter the folder name.
- Fill in or leave blank the Who, What, Where and When fields as required. At least one field must be defined.
- For the Action field, select either:
- Allow to set all policies in the folder as Allow.
- Block to set all policies in the folder as Block.
- Overridden to allow policies in the folder to either Allow or Block.
- Select +Add folder.
- Go to Filter > Publishing and select Publish.
Add policies to the folder
- Go to Filter > Policies.
- Select the folder.
- Select +Add child policy.
- Fill out the fields as required. Any fields set for the Policy folder will not appear, and can’t be edited.
- Ensure the Status is set to Enabled.
- Select +Add policy.
- Go to Filter > Publishing and select Publish.