Skip to main content

Add HTTPS Inspection Policies

Updated
This article applies only to On-Premise Appliance, not to our Cloud products.

 

HTTPS inspection allows Smoothwall to scan all content on a webpage to apply web filtering.

Before you begin

  • Ensure you have a current HTTPS certificate. When saving policy changes, select Guardian CA certificate in the banner to download it for users to import into their browsers.
  • Go to Guardian > HTTPS inspection > Manage policies and ensure a HTTPS inspection policy does not already exist for the category you want to use.

Create a policy

  Tip

Create a Policy folder to more easily manage your policies.

  1. Go to Guardian > HTTPS inspection > Policy wizard, or Manage policies and select Create a new policy.
  2. Fill in each field using the Add or Remove buttons. Select Next or the down arrow to expand each step.
  1. In the Who section, select who the policy applies to. Select either:
    • Everyone to apply to all users.
    • One or more User Groups.
    • The single user icon and enter a username. This option can only be set up in On-Premise Appliance, but is synced to Cloud Filter and applied using Cloud Filter Extension, Smoothwall Browser or Android Filter App.
  1. In the What section, select the type of content to be actioned by the policy. Select either:

  Important

To prevent issues with the policy not applying or (if applied to Everything), having unintended effects, you must make sure your policies are targeted to the right thing. Check what to target using the Categories list and Content Modifications list.

  1. In the Where section, select where the policy should apply. Select either:
  1. In the When section, select when the policy should apply from your list of Time slots.
  1. Select an Action:
    • Decrypt and inspect: Examine encrypted traffic to identify threats and block inappropriate content within the page, not just the header.
    • Validate certificate only: Smoothwall won’t decrypt or inspect, but it will check if the destination server's Transport Layer Security (TLS) certificate is valid.
    • Do not inspect: Smoothwall won’t decrypt, inspect or check certificate validity.
  1. Ensure the Enable policy checkbox is selected.
  2. Select Confirm.
  3. On the next page:
    • You can download the certificate by selecting Guardian CA certificate in the banner.
    • Select Save.

Go to Guardian > HTTPS inspection > Manage policies to see the new policy at the bottom of the policy table. You can reorder, turn off, edit or delete policies and folders.