Web Security

Print Friendly, PDF & Email

This feature helps you create security policies for an endpoint or group where Browsing and Phishing Protection can be enabled. This blocks malicious and phishing Web sites. You can restrict or allow access to the internet and Web sites as per your requirement.
The following settings are provided under Web Security:

  • Browsing and Phishing
  • Block Web Categories
  • Block Specific Websites
  • Schedule Internet Access
  • Alerts and Reports
  • Google Access Controller
  • YouTube Access Controller

Browsing Protection

While users visit malicious Web sites some files may get installed on their systems. These files can spread malware, slow down the system, or corrupt other files. These attacks can cause substantial harm to the system.
Browsing Protection ensures that malicious Web sites are blocked while the users in a group are accessing the Internet. Once the feature is enabled, the site that is accessed is scanned and is blocked if found to be malicious.

Phishing Protection

Phishing is a fraudulent attempt, usually made through email, to steal your personal information. These emails usually appear to have been sent from seemingly well-known organizations and sites such as banks, companies and services seeking for your personal information such as credit card number, social security number, account number or password.
Administrators can enable Phishing Protection that prevents users from accessing phishing and fraudulent Web sites. As soon as a site is accessed, it is scanned for any phishing behavior. If found fraudulent, then it is blocked to prevent any phishing attempts.

Web Categories

There are certain concerns that most organizations may face:

  • System infection by malware.
  • Users browsing unwanted Web sites.
  • The employees idling away time.
    To avoid these concerns the administrators need to have a policy that regulates users and their Web access activities.
    The Web Categories feature helps the administrators centrally control and manage the browsing behavior of the users. The administrators can create different security policies for different groups according to their requirements and priorities.

Creating a new Web Security policy

To configure policy for Web Security, follow these steps:

  1. Create Container/feature policy for Web Security.
  2. On the Feature Policy page, you can see the following list of settings with expand sign and toggle button. Expand and Enable settings that you want to configure.

    • Browsing and Phishing
    • Block Web Categories
    • Block Specific Websites
    • Schedule Internet Access
    • Alerts and Reports
    • Google Access Controller
    • YouTube Access Controller
  3. Expand Browsing and Phishing. Select either of the following or both the check boxes:

    • Browsing Protection
    • Phishing Protection
  4. Enable and Expand Block Web Categories.
  5. Select Protection level, Low, Medium, or High.
  6. This restricts or allows access to the Web sites based on their categories as per the security policy of your organization. If you block a category, all the Web sites referring to the category will be blocked.
    1. The Web categories are enabled, and you can allow or deny access to each category.
    2. From Status column, select either Allow or Deny.
  7. Enable and expand Block specified websites. You can enter the Web sites that you want to block. For details, see Block specified websites mentioned below on this page.
  8. Enable and expand Schedule Internet Access and do the following:

      Select one of the following options:

      • Always allow access to the internet
      • Allow access to the internet as per schedule – When you select the option, Allow access to the internet as per schedule, you can add the schedule time.
    1. Click Add to add the schedule. Add Time Interval dialog appears.
    2. Select the Weekday from the list.
    3. Select the Start at and End at hours.
    4. Click OK.
      You can delete the schedule entry if the entry is not required.

      Note
      SSL versions earlier than 3.1 are not supported for Schedule Internet Access.

  9. Enable and expand Alerts and Reports.
  10. Select either of the following or both the check boxes:
    • Display Alert Message – when website is blocked.
    • Generate Web Security Reports – To generate reports for all blocked Web sites. If you select this option, a large number of reports will be generated depending upon the Web usage.
  11. Enable and expand Google Access Controller. For details, see Google Access Controller mentioned below on this page.
  12. Enable and expand YouTube Access Controller. For details, see Block YouTube Categories mentioned below on this page.
  13. To save your settings, click Save Policy.
    Importantly, if you have customized the settings and later you want to revert to the default settings, click the Reset Default button.

Block specified websites

This feature is helpful in restricting access to certain Web sites or when a Web site does not fall into an appropriate category. It is also helpful if you have a shorter list of the Web sites that you would prefer to restrict the Web sites than blocking the entire category.
To block Web sites, follow these steps:

  1. Log on to Thirtyseven4 EDR Security.
  2. Go to Policies > Container Policies > Web Security. The Block specified websites features (Add, Delete, Delete All) are activated.
  3. Type a URL and then click Add.
  4. Note –

    • If you add youtube.com, YouTube Access Controller feature will not function as expected.
    • If you add accounts.google.com, Google Access Controller will not function as expected.
  5. If you want to block the subdomains, select the option Yes or No in Block Subdomains column. For example, if you block www.google.com and enable ‘Block Subdomains’, all its subdomains such as mail.google.com will also be blocked.
    You can delete the URL, if required.

    Note –
    The Block Subdomains feature is not applicable for the clients with Mac operating systems.

Google Access Controller

Here you can add Email domains related to your organization to log in to your Google account.

  1. Enable and expand Google Access Controller.
  2. The settings done on the Configuration page are displayed here. You can change the settings if required.
  3. Enter Email Domains to log in to your Google Account in the correct domain name format. The domain name should include the domain name and top-level domain.
  4. Click Add.

The entry is added to the Domain list. This feature allows user to access google account only through the Email domains added in the list.

You can delete the domain names if not required.

YouTube Access Controller

On the YouTube platform, channels and videos are arranged using YouTube video categories.
Some examples of YouTube Video Categories are,

  • Film & Animation
  • Autos & Vehicles
  • Music
  • Pets & Animals
  • Sports
  • Short Movies

Here you can block or allow YouTube categories to watch the videos.

  1. Enable and expand YouTube Access Controller.
  2. The settings done on the Configuration page are displayed here. You can change the settings if required.
  3. By default, the YouTube Categories Access is selected as Allow all. You can select the option Deny all to deny all the YouTube Categories.
    To allow some categories and deny some categories, select the option Custom. You can select Allow or Deny option as per required access to the YouTube Categories.


Exclusions by YouTube attribute

Exclusion enables you to apply an exception rule to the YouTube Categories Access policy. This helps you to allow YouTube videos that you want to watch from blocked categories.
You can exclude YouTube category by channel or publisher. YouTube Channel is a personalized home where all the videos the creator uploads.The YouTube Channel handle terminology is named as Publisher here for easy understanding.
For more information about Handles, see YouTube Handle.
To exclude YouTube category, do the following steps:

  1. Click Add.
    The Exclusion by YouTube attribute dialog appears.
  2. Select Channel or Publisher.
  3. Enter the Channel/Publisher name.
  4. Click Add.

The entry is added to the list.
You can delete entry if not required.


Block by YouTube attribute

Blocking helps you to block YouTube videos from allowed categories.
You can block by channel or publisher. YouTube Channel is a personalized home where all the videos the creator uploads. The YouTube Channel handle terminology is named as Publisher here for easy understanding.
For more information about Handles, see YouTube Handle.
To block YouTube category, do the following steps:

  1. Click Add.
    The Block by YouTube attribute dialog appears.
  2. Select Channel or Publisher.
  3. Enter the Channel/Publisher name.
  4. Click Add.

The entry is added to the list.
You can delete entry if not required.

Note:
Once the Google Access Controller or Youtube Access Controller is enabled:

  • Launching Incognito mode (Chrome) and InPrivate mode (Edge) is disabled as browser extension cannot apply policy in Incognito or InPrivate window.
  • Developer tools are disabled.
  • User is unable to install custom browser extension.

Exclusion for Browsing Protection and Phishing Protection

Exclusion enables you to apply an exception rule to the protection policy for Browsing Protection and Phishing Protection. This helps you exclude the URLs of the sites that are actually genuine, but get erroneously detected either as malicious or phishing sites. You are recommended to exclude only those URLs that you trust to be safe and genuine.
You can exclude the URLs in the following way:

  1. Log on to the Thirtyseven4 EDR Security.
  2. Go to Policies > Container Policies > Web Security.
  3. In the Browsing and Phishing section, under Exclude URLs, type the URL and then click Add. The Report Miscategorized URL dialog appears. You can report about miscategorization of the URL to the Thirtyseven4 EDR Security lab if the URL is detected as malicious or phishing site.
  4. Select one of the reasons from the following:
    • URL is getting detected as Malicious
    • URL is getting detected as Phish
  5. To report about miscategorization, click Yes. If you do not want to report about miscategorization, click No. The URL is added in the Exclude URL list.
  6. To save your settings, click OK.
    In the action bar, you can perform the following actions:

    Action Description
    Add Helps you exclude a URL from being detected as malicious or phishing.
    Delete Helps you delete a URL from the Excluded URL list.
    Report Helps you report if a URL is miscategorized.

Exclusion for Web Categories

Exclusion helps you apply an exception rule to the protection policy for Web Categories. This helps you when you want to restrict access to a Web site category, but you want to allow certain Web sites from the restricted category.
You can enlist such Web sites in the Exclusion list in the following way:

  1. Log on to the Thirtyseven4 EDR Security.
  2. Go to Policies > Container Policies > Web Security.
  3. Click the Exclusion button. The Exclude URLs dialog appears.
  4. In the Block Web Categories section, under Exclusions, type the URL and then click Add. The URL is added in the Exclude URL list.
  5. To exclude the subdomains, in the column Exclude Subdomain, select option Yes or No.
  6. To save your settings, click OK.
Action Description
Add Helps you exclude a URL from being restricted even if it belongs to the blocked category.
Delete Helps you delete a URL from the Excluded URL list.

Exclusion for Schedule Internet Access

You can exclude certain known websites from getting it blocked. Excluded URLs/Websites will not get blocked even if internet is restricted.
You can enlist such Web sites in the Exclusion list in the following way:

  1. Log on to the Thirtyseven4 EDR Security.
  2. Go to Policies > Container Policies > Web Security.
  3. In the Schedule Internet Access section, under Exclusions, type the URL and then click Add. The URL is added in the Exclude URL list.
  4. To save your settings, click OK.
Action Description
Add Helps you exclude a URL from being restricted even if internet is restricted.
Delete Helps you delete a URL from the Excluded URL list.
Was this page helpful?

Leave a Comment