Related Items:
WSS Getting Started User Guide
Webroot DWP Configuration Guide
Guide Sections:
Creating Policies
You assign policies to groups of users. A single policy can be applied to multiple groups, but a group can have only one policy. The Web Security Service provides a default policy as a starting point. You can customize the default policy or create multiple policies to meet your requirements.
Note: To create policies, you must have Add permission for Manage Policy.
To create policies:
The Add Policies subtab displays.
If the administrator does not have permission to work on Site Categories, the default subtab is different.
| SETTING | DESCRIPTION |
| Policy Name |
Required. Enter a name of up to 50 characters. Valid characters are any combination from A to Z, a to z, and 0 to 9. Spaces are allowed, and these special characters: ~ ` ! @ # $ % ^ & * ( ) _ + - = \ | ] } [ { ' : ; ? / > . < , |
| Web Filtering |
Select one of the following:
|
| Enable Scan Ahead | Selected by default; works with popular search engines. If someone uses a search engine, the search results show an icon next to the URL, identifying which policy applies to each URL on the page. |
| Enable Safe Search | Selected by default. Safe Search prevents access to pornographic images within a search result that contain images and videos. If not selected, pornographic images and videos are accessible if they are included in a search using popular search engines, because standard URL filters don't prevent these images from being displayed. |
| Enable Phishing Heuristics | Selected by default. This setting means even before any phishing malware signatures are known, the Web Security Service uses programmatic rules to analyze and block the sites if phishing is suspected. The detection relies on external links to banking and financial sites that are referenced within the phishing pages. If users access such sites, the error page displays Heuristic_Malware. |
| Dynamic Anonymizer Detection | Selected by default and cannot be changed. This feature detects sites that hide their IP addresses and other traceable identification, to bypass filtering. |
| Allow Uncategorized Sites | Selected by default. Search results display the Unknown icon next to uncategorized sites. If you clear this box, users are blocked from unknown sites; by clearing this box, you risk blocking legitimate sites. For new accounts created in this release, this option is unselected by default for the Best Practices policy. If you select this option, you risk allowing access to inappropriate sites |
| Enable SSL Traffic Inspection | Select the checkbox to enable SSL filtering on the 5.0 proxy. |
| Enable Persistent Cookie-Based Logins | When going directly to the proxy, without DWP being installed, selecting the checkbox allows users to remain logged in, so that users do not have to log in again when going to a new website. |
| Coached Timeouts (mins) |
Defaults to 10 minutes. This setting applies to websites that are marked for coaching. For new accounts created in this release, the default timeout for the Best Practices policy is 30 minutes. Enter a value in minutes between 10 and 510; the maximum period is 8.5 hours. The timeout period can be within a two-minute accuracy. For example, a 10 minute timeout period may last between 10 to 12 minutes. Coaching displays a warning if the user is accessing an inappropriate site. The user can choose to continue accessing the site; in this case, the Web Security Service requires user authentication. Users have a limited time in minutes, based on the Coached Timeout setting, to be on that site, or any other coached site, until the timeout period ends. When it ends, the coaching message appears again. Coaching does not apply in these situations:
|
