8e6 Technologies Enterprise Filter Authentication R3000 User Manual

Size:
6.79 Mb
Download

CHAPTER 5: AUTHENTICATION DEPLOYMENT ACTIVATEAUTHENTICATION ON THENETWORK

Step 4: Block everything for the Sub-Group

1.Select the IP Sub-Groupfrom the tree.

2.Click Sub Group Profile in the pop-upmenu to display the Sub Group Profile window:

Fig. 5-15Sub Group Profile window, Category tab

3.In the Category Profile page, move all categories to the Blocked Categories list box by selecting categories from the Pass Categories and/or Always Allowed list box(es) and using the left arrow (<) to move them to the Blocked Categories list box.

TIP: Blocks of categories can be selected by clicking the first category, and then pressing the Shift key on your keyboard while clicking the last category.

4. For Uncategorized Sites, click “Block”.

8E6 TECHNOLOGIES, R3000 ENTERPRISEFILTERAUTHENTICATIONUSERGUIDE

179

CHAPTER 5: AUTHENTICATION DEPLOYMENT ACTIVATEAUTHENTICATION ON THENETWORK

5. Click Apply.

Step 5: Use Authentication Request Page for redirect URL

1.Click the Redirect URL tab to display the Redirect URL page:

Fig. 5-16Sub Group Profile window, Redirect URL tab

2. Select “Authentication Request Form”.

NOTE: Since the Authentication Request Form radio button selection uses the host name of theserver—notthe IP address— be sure there is a DNS resolution for the host name.

3. Click Apply.

As a result of these entries, Web-basedauthentication takes effect immediately, and any user in thisSub-Groupwill be

180

8E6 TECHNOLOGIES, R3000 ENTERPRISEFILTERAUTHENTICATIONUSERGUIDE

CHAPTER 5: AUTHENTICATION DEPLOYMENT ACTIVATEAUTHENTICATION ON THENETWORK

sent to the Authentication Request Form if he/she attempts to access content on the Internet. After filling out this form and being authenticated, the user will be able to access Internet content based on his/her filtering profile.

Step 6: Disable filter options

1.Click the Filter Options tab to display the Filter options page:

Fig. 5-17Sub Group Profile window, Filter Options tab

2.Uncheck all the checkboxes: “X Strikes Blocking”, “Google/Yahoo! Safe Search Enforcement”, “Search Engine Keyword Filter Control”, “URL Keyword Filter Control”, and “Extend URL Keyword Filter Control”.

3.Click Apply.

8E6 TECHNOLOGIES, R3000 ENTERPRISEFILTERAUTHENTICATIONUSERGUIDE

181

CHAPTER 5: AUTHENTICATION DEPLOYMENT ACTIVATEAUTHENTICATION ON THENETWORK

Step 7: Set Global Group to filter unknown traffic

1.Click Global Group in the tree to open the pop-upmenu.

2.Select Global Group Profile to display the Category tab of the Profile window:

Fig. 5-18Global Group Profile window, Category tab

a.In the Category Profile page, select categories to block, pass, or white list, and indicate whether uncategorized sites should pass or be blocked.

b.Click Apply.

3.Click the Port tab to display the Port page:

182

8E6 TECHNOLOGIES, R3000 ENTERPRISEFILTERAUTHENTICATIONUSERGUIDE

CHAPTER 5: AUTHENTICATION DEPLOYMENT ACTIVATEAUTHENTICATION ON THENETWORK

Fig. 5-19Global Group Profile window, Port tab

a.In the Port page, enter the Port number to be blocked.

b.Click Add to include the port number in the Block Port(s) list box.

c.After entering all port numbers to be blocked, click

Apply.

8E6 TECHNOLOGIES, R3000 ENTERPRISEFILTERAUTHENTICATIONUSERGUIDE

183

CHAPTER 5: AUTHENTICATION DEPLOYMENT ACTIVATEAUTHENTICATION ON THENETWORK

4.Click the Default Redirect URL tab to display the Default Redirect URL page:

Fig. 5-20Global Group Profile window, Default Redirect URL tab

a.Select “Default Block Page”.

b.Click Apply.

184

8E6 TECHNOLOGIES, R3000 ENTERPRISEFILTERAUTHENTICATIONUSERGUIDE

CHAPTER 5: AUTHENTICATION DEPLOYMENT ACTIVATEAUTHENTICATION ON THENETWORK

5.Click the Filter Options tab to display the Filter Options page:

Fig. 5-21Global Group Profile window, Filter Options tab

a.Select filter options to be enabled.

b.Click Apply.

8E6 TECHNOLOGIES, R3000 ENTERPRISEFILTERAUTHENTICATIONUSERGUIDE

185

CHAPTER 5: AUTHENTICATION DEPLOYMENT ACTIVATEAUTHENTICATION ON THENETWORK

As a result of these entries, the standard block page will display—instead of the Authentication Request Form— when any user in this Sub-Group is blocked from accessing Internet content.

Fig. 5-22Default Block Page

186

8E6 TECHNOLOGIES, R3000 ENTERPRISEFILTERAUTHENTICATIONUSERGUIDE

CHAPTER 5: AUTHENTICATION DEPLOYMENT ACTIVATEAUTHENTICATION ON THENETWORK

Activate Web-basedauthentication for theGlobal Group

This selection of Web-basedauthentication creates more of aload on the R3000 than the IP Group selection, and should only be used as an alternative to IP Group authentication.

Step 1: Exclude filtering critical equipment

This step involves the identification of equipment—suchasbackup servers—you wish to be excluded from being served the Authentication Request Form page.

For this step, you must choose one of two options:

Block Web access only – Select this option if you do not want to log traffic for a machine that you set up to be excluded from filtering on the network. Using this option, you exclude the IP address of a machine via the Range to Detect window. If you select this option, go to Step 1A.

Block Web access and log traffic – Select this option if you wish to log traffic for a machine that you set up to be excluded from filtering on the network. Using this option, you create an IP profile for the machine via the Sub Group Profile window. If you select this option, go to Step 1B.

8E6 TECHNOLOGIES, R3000 ENTERPRISEFILTERAUTHENTICATIONUSERGUIDE

187

CHAPTER 5: AUTHENTICATION DEPLOYMENT ACTIVATEAUTHENTICATION ON THENETWORK

Step 1A: Block Web access, logging via

Range to Detect

NOTE: Segments of network traffic should not be defined ifusing the firewall mode.

Range to Detect Settings

1.Click Global Group in the tree to open the pop-upmenu.

2.Select Range to Detect to display the Range to Detect Settings window:

Fig. 5-23Range to Detect Settings window, main window

3.In the Current Ranges frame, click Add to go to the next Settings page:

188

8E6 TECHNOLOGIES, R3000 ENTERPRISEFILTERAUTHENTICATIONUSERGUIDE