General

The Web Protection Policy General section is used to configure the overall policy settings including how data is handled, the message displayed to end users when a site is blocked and the end user interaction.

Field

Description

Settings

Policy Name

Identifies this specific policy

Report Only

Instructs the Agent to only capture traffic for reporting purposes and not enforce the policy settings

Report Only disables all other policy options.

Block Page

The custom message displayed to an end user when access to a website is denied.

You can use the following substitution strings in the message to provide detailed information about why a website is blocked:

Supported Substitution Strings	Description
!url!!	Website URL (if known)
!policy!!	Name of applied policy rule (English only)
!category!!	Name of category (English only)
!reputation!!	Website reputation score

To ensure the message directly reflects your requirements, you can edit the HTML version of the message directly by selecting the additional options menu.

You can embed your own webpage, images and comments in the Block Page. For example, host a custom block webpage and reference it in the Block Page, perhaps using an iframe: <iframe src="http://www.your.domain/block.html" width="400" height="300"; frameborder="3"></iframe> or simply include your logo when blocking: <img src="http://www.your.domain/logo.gif" width="680" height="80">

Where HTTPS websites are blocked, including those returned as part of a redirect, an SSL error is displayed rather than the Block Page message.

The Block Page can be up to 2000 characters and supports the direct entering of special character, there is no need to enter the HTML version, unless adding in the Source Edit dialog. For example, Den här sidan har blockerats enligt företagets IT policy will appear in the Block Page as entered. Please note, any text entered in the Block Page counts towards the 2000 character limit.

Black Page message example:

Reputation Block Range

Configure the security policy based on your risk tolerance. Websites are blocked when their reputation is within the entered range. For more information, see Website Reputation and Risk.

Regardless of its reputation, a website is allowed when it is on the Whitelist

Include Local Network Traffic

Controls the content filtering on the local network traffic. If the setting is enabled, all local network traffic with IP addresses in the following ranges are inspected and reported on by Web Protection:

192.168.0.0 - 192.168.255.255

172.16.0.0 - 172.16.255.255

10.0.0.0 - 10.255.255.255

End-User Interaction

Show Taskbar Icon

Display messages to the end user when any Web Protection actions are taken, including the blocking of sites that were accessed programmatically.

Show Notifications

Show Windows notification alerts to the user when Web Protection actions are taken.