beautypg.com

Caution: overriding the restriction of a site – Amer Networks E5Web GUI User Manual

Page 453

background image

Command-Line Interface
First, create an HTTP Application Layer Gateway (ALG) Object:

Device:/> add ALG ALG_HTTP content_filtering

WebContentFilteringMode=Audit
FilteringCategories=SEARCH_SITES

InControl

Follow the same steps used for the Web Interface below.

Web Interface

First, create an HTTP Application Layer Gateway (ALG) Object:

1.

Go to: Objects > ALG > Add > HTTP ALG

2.

Specify a suitable name for the ALG, for example content_filtering

3.

Click the Web Content Filtering tab

4.

Select Audit in the Mode list

5.

In the Blocked Categories list, select Search Sites and click the >> button

6.

Click OK

The steps to then create a service object using the new HTTP ALG and modifying the NAT rule to
use the new service, are described in the previous example.

Allowing Override

On some occasions, Active Content Filtering may prevent users carrying out legitimate tasks.
Consider a stock analyst who deals with on-line gaming companies. In his daily work, he might
need to browse gambling web sites to conduct company assessments. If the corporate policy
blocks gambling web-sites, he will not be able to do his job.

For this reason, cOS Core supports a feature called Allow Override. With this feature enabled, the
content filtering component will present a warning to the user that he is about to enter a web
site that is restricted according to the corporate policy, and that his visit to the web site will be
logged. This page is known as the restricted site notice. The user is then free to continue to the
URL, or abort the request to prevent being logged.

By enabling this functionality, only users that have a valid reason to visit inappropriate sites will
normally do so. Other will avoid those sites due to the obvious risk of exposing their surfing
habits.

Caution: Overriding the restriction of a site

If a user overrides the restricted site notice page, they are allowed to surf to all pages
without any new restricted site message appearing again. The user is, however, still
being logged. When the user has become inactive for 5 minutes, the restricted site page
will reappear if they then try to access a restricted site.

Chapter 6: Security Mechanisms

453

This manual is related to the following products:
See also other documents in the category Amer Networks Computer Accessories: