How to configure Web Filtering for Macs on Sophos Central

1. Purpose of the article

This article will guide how to configure Web Filtering feature to control the user’s web access

This feature will enable administrators to easily control the behavior of the web access to minimize user access to web sites containing malicious code or web sites use more bandwidth.

2. What to do ?

  • Configure Web Filtering with the available web categories
  • Configure Web Filtering with the specified URL

3. Configuration

3.1 Configure Web Filtering with the available web categories

To configure web filtering we log into Sophos Central’s admin page with the admin account, then go to Endpoint Protection> Policies.

Click Add Policy to add a new policy.

The Add Policy table appears, we will select the following information:

  • Feature: choose Web Control from the drop-down menu
  • Click Continue

The Create New Computer Policy table will appear, we need to fill in the following information:

Policy Name: Test_Web_Control

Tab USER:

  • We’ll select the user that the Mac is currently using, here we’ll select the MacOS15’s Mac \ macos15 user from the Available Users panel and click the right arrow to move this user to the Assigned Users panel.

Tab SETTNG:

  • We click on the switch in Acceptable web usage to enable this web access control feature.
  • After turning up we click View Details to view the list of supported web Sophos.
  • These are Productivity-related categories, Social Networking, Adult and potentially inappropriate categories, Categories likely to cause excessive bandswidth usage, Business-relevant site categories.
  • Each category contains other more minor categories, you can click the View More in the right side of each category to see.
  • In this article I will perform prohibit access to social networking sites like facebook, twitter, …
  • To configure our attention to the box below the words Acceptable web usage, this box which contain the recommended configuration of Sophos as Keep it clean, Gentle Guidance, Business only, Conserve bandwidth and especially Let me specify.
  • With Let Me Specify you can custom configure your discretion if the recommended configuration of Sophos does not meet your requirements.
  • Here I will select Let me specify and allows access to all the remaining categories except Social Networking.
  • Next, click the switch on Log web control events to record the log.
  • Click Save.

After installation is complete we will access social networking sites to try and check the results.

Facebook

Twitter

Tumblr

As shown us that social networking sites are not accessible.

We will check the log to see if Sophos Central records the log.

To view the log we go to Logs and Reports> General Logs> Events.

The result is that we will see the log line is saved when users violate policy.

Logs also provide very detailed information such as date of violation, the path is blocked, the user identity breach …

3.2 Configure Web Filtering with the specified URL

If you use the control as the top of the list is this way will generate the following shortcomings.

If that company just wants to ban facebook access and allow access to the rest of social networking sites, the above control method will not be able to satisfy.

So in this section thegioifirewall will guide you how to control access to the web in one or more of the specified URL so you have more options to administrators.

In this section, thegioifirewall will guide you to configure facebook blocking with its own url.

To configure the first step we need to create a URL for facebook, to create a login to Sophos Central with an admin account then go to Global Settings> General> Website Management> click Add

The Add Website Customization panel appears and fill in the following information:

  • Enter URLs,DOMAINs,TLDS,IP ADDRESSES, OR CIDR RANGES: we will enter facebook.com url in this box.
  • CATEGORY OVERRIED: Blogs & Forums
  • ADD TAGS: Facebook
  • Click Save

Next we go to Endpoint Protection> Policies> left click on the Test_Web_Control policy created in the previous section> switch to the SETTINGS tab.

In the Acceptable Web Usage section we press the switch to turn off this feature.

In the Control sites tagged in Website Management section, we press the switch to enable this feature.

Then click Add New, the Add Website Tag panel appears, we will select the following information:

  • WEBSITE TAG : select Facebook from the drop-down menu
  • ACTION : Block
  • Click Save

Click Save.

Then we will proceed to visit the website to check the results

Twitter

Tumblr

Facebook

The results show that we can still access other social networking sites normally with only the blocked Facebook page, so the initial needs have been met.

We will check the log to see if Sophos Central records the log.

To view the log we go to Logs and Reports> General Logs> Events.

As a result we will see log lines saved when the user violated the policy.

The log also provides very detailed information such as the date of the violation, the blocked path, the identity of the violating user …

Be the first to comment

Leave a Reply

Your email address will not be published.


*


This site uses Akismet to reduce spam. Learn how your comment data is processed.