Smoothwall Filter & Firewall: Creating Web Filter Policies

This article applies to the Smoothwall Filter & Firewall On-Prem solution in either Hardware or VM form.
Understanding Policy Elements

The Guardian Web Filter builds policies based on a Who, What, Where, When, Action format:

Who: The individual user or user-group to whom the policy applies. 

The system defaults to listing User Groups. To select individual Users, use the Hide/Show Users selector highlighted here:
SingleUserMode.png
What: The web content category, or a group of categories, to be actioned by the policy. 

Where: A network location (an IP or range of IP's) that the policy will apply too.

When: A time-slot during which the policy will be active.

Action: How the Smoothwall will action the policy. 

The Action element has multiple options depending on what you want to do with the policy. Let's look at those now.

  1. Create Policy Folder: This allows you to organize the Guardian Web Filter Policies into folders, where all policies within the folder share one or more elements - this is most commonly used for grouping policies by User Group but other elements can be used as needs require. 
    Policies can be added to Policy Folders by using the + icon on the folder in the policy table at Guardian > Web Filter > Manage Policies.
  2. Block: Instructs the Guardian Web Filter to deny access to the content defined in the What field presuming the request is first identified as coming from the user/group nominated in the Who field.
  3. Allow: Instructs the Guardian WebFilter to permit access to the content defined in the What field presuming the request is first identified as coming from the user/group nominated in the Who field. 
  4. Whitelist / Do Not Filter: This combines the function of the Allow action but also removes HTTPS Inspection from the content and any relevant Content Modifications. This is used where content is deemed safe to access entirely unfiltered. 
    NOTE: Using this action on the 'Web Search' category, or any custom category containing search engines (google.com, etc) will remove the Search Term Filtering functionality for that site and compromises content filtering in search engines.
  5. Soft Block: The Smoothwall will initially block the request as defined by the contents of the What field with an option to proceed to the site - this is useful for cautionary notices; Terms of Use, Fair Use Policy, etc. 
  6. Limit to Quota: This instructs the Guardian Web filter to permit access to the content defined in the What field but limits access to a timed quota - once this quota is used by a given user, that user will no longer have access to the site requested until the quota is renewed.

Creating a Policy

To create a new Guardian Web Filter Policy:

  1. Log-in to your Smoothwall Filter & Firewall Admin UI.
  2. Navigate to Guardian > Web Filter > Policy Wizard. Alternatively, navigate to Guardian > Web Filter > Manage Policies and use the 'Create New Policy' tool at the bottom of the page.
  3. In the creation form, fill out the Who, What, Where, When, and Action as required. 
    NOTE: You may select between User Groups and Users in the Who field with the muilt/single-user tool on the left of the populated field.
  4. Note the 'Enable Policy' check-box at the bottom of the policy form, toggle this to make the policy live upon creation or disabled if the policy is not immediately required to take effect. Click 'Confirm' to complete the policy configuration. 
  5. Review the policy configuration and if all is correct click the 'Save' button. Else click 'Back to return to the configuration page or 'Cancel' to abort the new policy. 
  6. Navigate to Guardian > Web Filter > Manage Policies to see the new policy at the bottom of the policy table.

NOTE: Policy order is very important in the Guardian Web Filter - policies are actions from top to bottom and Guardian will look at each policy in turn from left to right to match the request made with a policy. The first policy that matches the request made will be actioned. 

Consider the following example:
mceclip1.png

In this example Netflix is blocked as a global rule for all users by Rule 2, however, requests made for Netflix URLs made by users identified as part of Filter Group A will be allowed as Policy 1 matches first. 

Checking Domains in Categories

If you are unsure is any given URL has been categorized by Smoothwall, you can use the Categories Search tool found under Guardian > Policy Objects > Categories. Use this tool to search for the domain (for example, 'cheese.com') in the built-in and custom categories, which will assist you in making filtering policy decisions.

Quick Block/Allow

By Default the Smoothwall Web Filter has two readily customizable categories, Custom Blocked Content and Custom Allowed Content. These categories are preset in policies that apply to all users and can be used to quickly allow or block a URL/domain with the QuickBlock/Allow tool. 

  1. Log in to your Smoothwall Filter Admin UI. 
  2. Navigate to Guardian > Quick Links > Quick Block/Allow.
  3. Enter the full URL or domain to be actioned in the provided field and click Block or Allow to add the entry to the respective category.