WinRoute Firewall
Web Rules Definition
Access to Web pages will be limited by the following restrictions:
-
filtering of advertisements included in Web pages
-
access to pages with erotic/sexual content is denied
-
access to Web pages that offer jobs is denied (only users working in
Personal Departments are allowed to access these pages)
-
user authentication will be required before access to the Internet is
allowed (this way you can monitor which pages are opened by each user)
The following basic HTTP rules are already predefined and available in the
URL Rules tab in Configuration / Content Filtering / HTTP Policy:
- Remove advertisement and banners
-
Filtering of advertisements and banners. According to this rule all
objects matching with the predefined Ads/banners URL group are dropped.
Tick this rule to activate it.
Note: It might happen that a page
that does not represent any advertisement is dropped. If so, remove an
appropriate item (the one that causes the problem) from the Ads/banners
group or add an exceptional rule for particular pages (we recommend
using the second method).
- Deny sites rated in Cobion categories
-
This rule denies access to Web sites that match selected Cobion
Orange Filter system categories. Use the Select Rating...
button to select categories that will be blocked first.
Select appropriate categories in the Pornography section to deny
access to pages with erotic/sexual content.
Notes:
-
The basic WinRoute
license does not provide Cobion Orange
Filter system (a special license version must be
purchased). However, this system is available in the WinRoute
trial version.
-
Cobion Orange Filter
system included in WinRoute
must communicate with database servers. This means that the
traffic policy must enable access to the COFS
service (6000/tcp) from the firewall. Traffic rules
created by the Wizard allow all traffic from the firewall to the
Internet it is not necessary to define a new rule.
-
You can define multiple URL rules that will use the Cobion
Orange Filter rating system. Multiple categories may
be used for each rule.
-
We recommend you to enable the unlock option in rules
that use the Cobion Orange Filter
rating system as a page may be classified incorrectly and
useful information might be blocked under certain conditions. All
unlock queries are logged into the Filter
log here you can monitor whether unlock queries were
appropriate or not.
- Authenticate all users
-
This option will require authentication of all users that intend to
access Web pages (and it will enable authenticated users to access the
pages). Thus the Internet is not accessed anonymously and you can easily
monitor network activity of individual users (the Web
and the HTTP logs).
Note: You can insert the information
that will be displayed when an attempt to connect to a denied page is
detected in the Advanced tab (URL Rules).
Creating Custom URL Rules
Rules that will be used for certain users or user groups may be added after
the rule that requires authentication for all users.
You can add a rule that will enable users belonging to the Personal
Department group to access pages where jobs are offered.
A rule that will deny all users to access pages with job offers must
be added after the previous rule.
Note: In both rules mentioned above
only the JobSearch category is selected.
Cache accelerates access to repeatedly opened Web pages, thus reducing
Internet traffic. Cache can be enabled from the Enable cache on transparent
proxy and the Enable cache on proxy server options in Configuration / Content
Filtering / HTTP Policy. Set the cache to the desirable size with respect to
the free memory on the disc using the Cache size entry. The 1 GB
(1024 MB) value is set by the default, the maximum value is 2 GB
(2048 MB).