WebMarshal Default Rules 6.8 - Trustwave … · This document provides a text listing of the access policies that are installed by default with a new installation of WebMarshal (6.8.1.7774)

Technical Reference

m86security.com

WebMarshal Default Rules (Release 6.8.1)

Contents

TRACEnet 3

SafeSearch 3 Connection Rules 3

[Reporting Classification] 3 [Global Policy] 3 [Power User Policy] 4 [Standard User Policy] 5 [Restricted User Policy] 5

HTTPS Rules (disabled) 6 [Global Policy] 6

Quota Rules 8 [Global Policy] 8 [Power User Policy] 8 [Standard User Policy] 9 [Restricted User Policy] 10

Standard Rules 10 [Reporting Classification] 11 [Global Policy] 15 [Power User Policy] 16 [Standard User Policy] 21 [Restricted User Policy] 25

Content Analysis Rules 30 [Reporting Classification] 30 [Global Policy] 32 [Power User Policy] 34 [Standard User Policy] 38 [Restricted User Policy] 41

Technical Reference

m86security.com

This document provides a text listing of the access policies that are installed by default with a new installation of WebMarshal (6.8.1.7774).

Administrators running older versions of WebMarshal, as well as new users, will be able to review the latest recommended policy in a convenient format.

Rule containers are titled in [Square Brackets]. Conditions set in a parent container also apply to any items within the container.

Rules are evaluated in the order listed.

Not all rules or rule containers are enabled by default. Disabled rules are marked (disabled).

Notes:

• Unlike some previous versions of WebMarshal, the Default Rules for release 6.8.1 do not use nested containers. However the rules do use conditions inherited from parent containers.

• SafeSearch is listed last because this condition is evaluated last. This order differs from the order of elements in the Console menu tree.

Read the notes included in the listing for detailed information.

.

Technical Reference: WebMarshal Default Rules (6.8.1) Page 3

TRACENET

Settings TRACEnet will automatically download updates.

When a site is blocked, users may choose to request reclassification.

New categories will be enabled by default.

SAFESEARCH

CONNECTION RULES [Reporting Classification] When a web request is received For any users And where the protocol/application is any protocol/application And where addressed to any URL

Process rules in this container

Classify - Streaming Media Protocols Classify Streaming Media Protocols and record such access in the WebMarshal SQL database. NOTE: SQL Logging must be enabled for classifications to be recorded, and for Web usage reports to be produced.

When a web request is received For any users And where the protocol/application is of type Microsoft Windows Media, Apple QuickTime Audio/Video, Google Video/YouTube, Real Media And where addressed to any URL

Skip any remaining rules in this container And classify the domain as Streaming Media

Classify - Instant Messaging Protocols Classify Instant Messaging Protocols and record such access in the WebMarshal SQL database. NOTE: SQL Logging must be enabled for classifications to be recorded, and for Web usage reports to be produced.

When a web request is received For any users And where the protocol/application is of type Windows Live Messenger, Yahoo! Messenger, AOL Instant Messenger (AIM), Google Talk And where addressed to any URL

Skip any remaining rules in this container And classify the domain as Messaging & Communications

[Global Policy] When a web request is received For any users And where the protocol/application is any protocol/application And where addressed to any URL


Permit - Full access for Unrestricted Users This rule will bypass all remaining rules in this container for all users in the Unrestricted Site Access user group. USAGE: Add additional users into the Unrestricted Site Access user group.

When a web request is received Where the user is a member of Unrestricted Site Access


And where the protocol/application is any protocol/application And where addressed to any URL

Permit access And do not process any further connection rules

Permit - Exclude From All Rules This rule will bypass all remaining rules in this container for sites included in the '[Exclude From All Rules]' URL grouping. USAGE: Add additional URLs into any of the URL Categories contained in the '[Exclude From All Rules]' Category grouping.

When a web request is received For any users And where the protocol/application is any protocol/application And where the URL is a member of [Exclude From All Rules]


Block Protocol - Instant Messaging (disabled) Block Instant Messaging protocol for selected users. USAGE: This rule will block all the selected Messaging protocols. Modify the selection of blocked protocols as needed.


Block the connection and return a 503 return code And do not process any further connection rules

Block Protocol - Streaming Media (disabled) Block Streaming Media protocol for selected users. USAGE: This rule will block all the selected Streaming Media protocols. Modify the selection of blocked protocols as needed.

When a web request is received For any users And where the protocol/application is of type Microsoft Windows Media, Real Media, Apple QuickTime Audio/Video, Google Video/YouTube And where addressed to any URL


[Power User Policy] When a web request is received Where the user is a member of Power Users And where the protocol/application is any protocol/application And where addressed to any URL









[Standard User Policy] When a web request is received Where the user is a member of Standard Users And where the protocol/application is any protocol/application And where addressed to any URL








[Restricted User Policy] When a web request is received Where the user is a member of Restricted Users And where the protocol/application is any protocol/application And where addressed to any URL


Block Protocol - Instant Messaging Block Instant Messaging protocol for selected users. USAGE: This rule will block all the selected Messaging protocols. Modify the selection of blocked protocols as needed.




Block Protocol - Streaming Media Block Streaming Media protocol for selected users. USAGE: This rule will block all the selected Streaming Media protocols. Modify the selection of blocked protocols as needed.



Permit - Instant Messaging Protocols Permit Instant Messaging protocol for all users. This rule applies to all users not blocked by previous Connection Rules. USAGE: This rule will permit connections on all the selected Messaging protocols. Modify the selection of blocked protocols as needed.



Permit - Streaming Media Protocols Permit Streaming Media protocol for all users. This rule applies to all users not blocked by previous Connection Rules. USAGE: This rule will permit connections on all the selected Streaming Media protocols. Modify the selection of blocked protocols as needed.



HTTPS RULES (DISABLED)

[Global Policy] When a web request is received For any users And where addressed to any URL


Permit - Do not inspect HTTPS for Unrestricted Users Do not inspect encrypted content for any user in the Unrestricted Site Access user group USAGE: Add additional users into the Unrestricted Site Access user group.

When a web request is received Where the user is a member of Unrestricted Site Access And where addressed to any URL

Permit access and do not inspect content And do not process any further HTTPS rules


Do Not Inspect - Personal & Private Information (disabled) Do not inspect encrypted content if transaction has potential to contain personal information such as banking information, credit card numbers or private medical information. USAGE: Add sites or URL categories if they need to be excluded from HTTPS content scanning.

When a web request is received For any users And where the URL is a member of [Personal & Private Information]


Do Not Inspect - SSL/TLS Could Not be Negotiated (disabled) Do not attempt content inspection of encrypted content if SSL/TLS could not be negotiated.

When a web request is received For any users And where addressed to any URL And where SSL/TLS could not be negotiated


Block - SSLv2 Many browsers now have SSLv2 disabled by default. If WebMarshal is configured to allow SSLv2 to be used then this could override the browser defaults. For more information please see the following M86 Security Knowledge Base Article: Q12037 - INFO: WebMarshal HTTPS inspection and SSL/TLS versions

When a web request is received For any users And where addressed to any URL And where the security protocol is SSL v2

Block access to this site and display Blocked page And do not process any further HTTPS rules

Inspect - Webmail Content (disabled) Enable Content Inspection for encrypted (HTTPS) Webmail content

When a web request is received For any users And where the URL is a member of Web Mail

Permit access and inspect content And do not process any further HTTPS rules

Inspect - Potential Data Leakage (disabled) Enable Content Inspection for sites using encryption which may afford opportunities for data leakage. Examples might include online forums, job search sites and Web 2.0 sites like MySpace and Bebo.

When a web request is received For any users And where the URL is a member of Web Mail, Blogs, Personal Pages & Forums, Job Search, Messaging & Communications, Opinion, Beliefs & Cultural, Social Networking


Inspect - All Other HTTPS Sites (disabled) Inspect all HTTPS traffic not previously inspected or excluded by preceding rules.

When a web request is received For any users And where addressed to any URL



QUOTA RULES

[Global Policy] When a web request is received For any users And where the protocol/application is any protocol/application And where addressed to any URL



When a web request is received Where the user is a member of Unrestricted Site Access And where the protocol/application is any protocol/application And where addressed to any URL

Stop processing quota rules

Quota - 2 hours per week on Social Networking sites (disabled) This rule applies a quota of 2 hours per week for time spent on Social Networking sites. USAGE: Alter the quota time as needed in order to restrict time spent on Social Networking sites.

When a web request is received For any users And where the protocol/application is any protocol/application And where the URL is a member of Social Networking

Apply quota(s) 2 Hours per Week to the user And continue processing rules

Quota - 2 hours browsing per day (disabled) This rule applies a quota of 2 hours per day. USAGE: You may want to alter this rule to alter the amount of time allowed in the daily quota.

When a web request is received For any users And where the protocol/application is any protocol/application And where addressed to any URL

Apply quota(s) 2 Hours per Day to the user And continue processing rules

Quota - 100 MB browsing per day (disabled) Applies the '100 MB per Day' quota. Usage: This rule is used to prevent users downloading an excessive amount of data on any given day. You may want to alter this rule so that it only applies to specific times of day or alter the bandwidth allotment.


Apply quota(s) 100 MB per Day to the user And continue processing rules

[Power User Policy] When a web request is received Where the user is a member of Power Users And where the protocol/application is any protocol/application And where addressed to any URL









Quota - 100 MB browsing per day (disabled) Applies the '100 MB per Day' quota. Usage: This rule is used to prevent users downloading an excessive amount of data on any given day. You may want to alter this rule so that it only applies to specific times of day or alter the bandwidth allotment.



[Standard User Policy] When a web request is received Where the user is a member of Standard Users And where the protocol/application is any protocol/application And where addressed to any URL









Quota - 100 MB browsing per day (disabled) Applies the '100 MB per Day' quota to users. Usage: This rule is used to prevent users downloading an excessive amount of data on any given day. You may want to alter this rule so that it only applies to specific times of day or alter the bandwidth allotment.



[Restricted User Policy] When a web request is received Where the user is a member of Restricted Users And where the protocol/application is any protocol/application And where addressed to any URL


Quota - 2 hours browsing per week (disabled) Applies the '2 Hours per Week' quota to members of the 'Restricted Users' group. USAGE: You may want to alter this rule to alter the amount of time allowed in the weekly quota.



Quota - 10 MB browsing per week (disabled) Applies the '10 MB per Week' quota to users. USAGE: This rule is very restrictive. You may want to alter this rule so that it only applies to specific times of day or alter the bandwidth allotment.


Apply quota(s) 10 MB per Week to the user And continue processing rules

STANDARD RULES

Block - Undefined WebMarshal User Block access for all users that don't belong to the default WebMarshal groups. USAGE: New users or groups imported into WebMarshal should be added to a suitable default usergroup. If no suitable default rule exists, then new groups should be created, and new rules should be written for these users. Add new usergroups to the user exclusion list in this rule as required. NOTE: The “Exclude From Reporting” default group is not included in this rule because it does not control access to sites.

When a web request is received For any users Except where the user is a member of Power Users, Restricted Users, Standard Users, Unrestricted Site Access And where addressed to any URL

Block access to this site and display Blocked page And do not process any further standard rules


[Reporting Classification] When a web request is received For any users And where addressed to any URL


Exclude From Reporting – Exclude From Reporting Users Excludes the browsing activities of selected users from reporting. * Warning. The rules in this container will remove the relevant traffic from all logging (Database, Text, WELF and Active Sessions)

When a web request is received Where the user is a member of Exclude From Reporting And where addressed to any URL

Skip any remaining rules in this container And exclude the site from reporting (do not log browsing)

Exclude From Reporting - Advertising (disabled) Excludes the browsing activities of users from reporting. * Warning. The rules in this container will remove the relevant traffic from all logging (Database, Text, WELF and Active Sessions)

When a web request is received For any users And where the URL is a member of Advertising


Exclude From Reporting - Content Delivery Networks (disabled) Excludes the browsing activities of users from reporting. * Warning. The rules in this container will remove the relevant traffic from all logging (Database, Text, WELF and Active Sessions)

When a web request is received For any users And where the URL is a member of Content Delivery Network


Exclude From Reporting - Web Analytics (disabled) Excludes the browsing activities of users from reporting. * Warning. The rules in this container will remove the relevant traffic from all logging (Database, Text, WELF and Active Sessions)

When a web request is received For any users And where the URL is a member of Web Analytics


Classify - Excluded From All Rules Classify excluded sites and record such access in the WebMarshal SQL database. NOTE: SQL Logging must be enabled for classifications to be recorded, and for Web usage reports to be produced.

When a web request is received For any users And where the URL is a member of [Exclude From All Rules]

Classify the domain as Excluded From All Rules And continue processing rules

Classify - Dangerous File Extensions Classify sites with files which are known to be dangerous (such as VBScript) by the file extension. USAGE: Add or remove file names to the matched file list as required.


When a web request is received For any users And where addressed to any URL And where the file name matches *.bat, *.eml, *.nws, *.vbs

Skip any remaining rules in this container And classify the domain as Possible Dangerous File

Classify - Security Threat Classify Security Threat Sites used to circumvent policy enforcement, and record such access in the WebMarshal SQL database. NOTE: SQL Logging must be enabled for classifications to be recorded, and for Web usage reports to be produced.

When a web request is received For any users And where the URL is a member of Security Threats

Skip any remaining rules in this container And classify the domain as Security Threat

Classify - Anonymizer Classify Anonymizer Sites used to circumvent policy enforcement, and record such access in the WebMarshal SQL database. NOTE: SQL Logging must be enabled for classifications to be recorded, and for Web usage reports to be produced.

When a web request is received For any users And where the URL is a member of Anonymizers & Remote Access

Skip any remaining rules in this container And classify the domain as Anonymizer

Classify - Adult & Nudity Classify Adult & Nudity sites and record such access in the WebMarshal SQL database. NOTE: SQL Logging must be enabled for classifications to be recorded, and for Web usage reports to be produced.

When a web request is received For any users And where the URL is a member of Adult & Nudity

Skip any remaining rules in this container And classify the domain as Adult & Nudity

Classify - File Sharing & Downloads Classify File Sharing & Download sites and record such access in the WebMarshal SQL database. NOTE: SQL Logging must be enabled for classifications to be recorded, and for Web usage reports to be produced.

When a web request is received For any users And where the URL is a member of File Sharing & Download Sites

Skip any remaining rules in this container And classify the domain as File Sharing & Downloads

Classify - Social Networking Classify Social Networking sites, such as Facebook and Myspace, and record such access in the WebMarshal SQL database. NOTE: SQL Logging must be enabled for classifications to be recorded, and for Web usage reports to be produced.

When a web request is received For any users And where the URL is a member of Social Networking

Skip any remaining rules in this container And classify the domain as Social Networking


Classify - Streaming Media Classify Streaming Media sites and records such access in the WebMarshal SQL database. NOTE: SQL Logging must be enabled for classifications to be recorded, and for Web usage reports to be produced.

When a web request is received For any users And where the URL is a member of Streaming Media

Skip any remaining rules in this container And classify the domain as Streaming Media

Classify - Advertising Classify Advertising sites and record such access in the WebMarshal SQL database. NOTE: SQL Logging must be enabled for classifications to be recorded, and for Web usage reports to be produced.

When a web request is received For any users And where the URL is a member of Advertising

Skip any remaining rules in this container And classify the domain as Advertising

Classify - Content Delivery Network Classify Content Delivery Network sites and record such access in the WebMarshal SQL database. NOTE: SQL Logging must be enabled for classifications to be recorded, and for Web usage reports to be produced.

When a web request is received For any users And where the URL is a member of Content Delivery Network

Skip any remaining rules in this container And classify the domain as Content Delivery Network

Classify - News Classify News sites, such as cnn.com and bbc.co.uk, and record such access in the WebMarshal SQL database. NOTE: SQL Logging must be enabled for classifications to be recorded, and for Web usage reports to be produced.

When a web request is received For any users And where the URL is a member of News

Skip any remaining rules in this container And classify the domain as News

Classify - Health & Medical Classify Health & Medical sites and record such access in the WebMarshal SQL database. NOTE: SQL Logging must be enabled for classifications to be recorded, and for Web usage reports to be produced.

When a web request is received For any users And where the URL is a member of Health & Medical

Skip any remaining rules in this container And classify the domain as Health & Medical

Classify - Sports Classify Sports sites and record such access in the WebMarshal SQL database. NOTE: SQL Logging must be enabled for classifications to be recorded, and for Web usage reports to be produced.

When a web request is received For any users And where the URL is a member of Sports

Skip any remaining rules in this container And classify the domain as Sports


Classify - Search Engine Classify Search Engine sites, such as google.com and Yahoo.com, and record such access in the WebMarshal SQL database. NOTE: SQL Logging must be enabled for classifications to be recorded, and for Web usage reports to be produced.

When a web request is received For any users And where the URL is a member of Search Engines

Skip any remaining rules in this container And classify the domain as Search Engine

Classify - Translation Proxies Classify Translation Proxy sites and records such access in the WebMarshal SQL database. NOTE: SQL Logging must be enabled for classifications to be recorded, and for Web usage reports to be produced.

When a web request is received For any users And where the URL is a member of Translation Proxies

Skip any remaining rules in this container And classify the domain as Translation Proxy

Classify - Technology Classify Technology sites and record such access in the WebMarshal SQL database. NOTE: SQL Logging must be enabled for classifications to be recorded, and for Web usage reports to be produced.

When a web request is received For any users And where the URL is a member of Technology

Skip any remaining rules in this container And classify the domain as Technology

Classify - Web Analytics Classify Web Analytics sites and record such access in the WebMarshal SQL database. NOTE: SQL Logging must be enabled for classifications to be recorded, and for Web usage reports to be produced.

When a web request is received For any users And where the URL is a member of Web Analytics

Skip any remaining rules in this container And classify the domain as Web Analytics

Classify - R Rated & Profanity Classify R Rated sites and record such access in the WebMarshal SQL database. NOTE: SQL Logging must be enabled for classifications to be recorded, and for Web usage reports to be produced.

When a web request is received For any users And where the URL is a member of R Rated & Profanity

Skip any remaining rules in this container And classify the domain as R Rated & Profanity

Classify - Harmful & Stealth Classify Harmful & Stealth sites, such as Anonymizer Proxy, File Sharing and Security Threat sites, and record such access in the WebMarshal SQL database. NOTE: SQL Logging must be enabled for classifications to be recorded, and for Web usage reports to be produced.

When a web request is received For any users And where the URL is a member of [Harmful & Stealth]

Skip any remaining rules in this container And classify the domain as Harmful & Stealth


Classify - Time Wasting Classify Time Wasting sites, such as Discussion Forums and Social Networking sites, and record such access in the WebMarshal SQL database. NOTE: SQL Logging must be enabled for classifications to be recorded, and for Web usage reports to be produced.

When a web request is received For any users And where the URL is a member of [Time Wasting]

Skip any remaining rules in this container And classify the domain as Time Wasting

Classify - Personal & Private Classify sites such as Medical and Banking sites and record such access in the WebMarshal SQL database. NOTE: SQL Logging must be enabled for classifications to be recorded, and for Web usage reports to be produced.

When a web request is received For any users And where the URL is a member of [Personal & Private Information]

Skip any remaining rules in this container And classify the domain as Personal & Private Information

Classify - All unknown sites Classify sites unknown to WebMarshal and record such access as Unknown URLs.

When a web request is received For any users And where addressed to any URL Except where the URL is a member of [All URL Categories]

Skip any remaining rules in this container And classify the domain as Unknown URLs

Classify - All other known sites Classify sites which are known to WebMarshal, but which have not triggered any previous rules.

When a web request is received For any users And where the URL is a member of [All URL Categories]

Skip any remaining rules in this container And classify the domain as Other Known URLs





Permit access And do not process any further standard rules

Permit - Exclude From All Rules This rule will bypass all remaining rules in this container for sites included in the '[Exclude From All Rules]' URL grouping. USAGE: To permit an additional URL, add it to the [Exclude From All Rules] category.




Display Global Company Browsing Policy (disabled) Requires all users to acknowledge a company Internet policy page before beginning browsing. This page will only be displayed once a day for each user. You may want to customize the policy page for your company.


Display WarningPolicy page once per day And continue processing rules

Display Quota Limits Policy (disabled) Prompts users at the beginning of a browsing session with a list of quotas available.


Display WarningQuotas page once per day And continue processing rules

Display Policy for Scanning of Encrypted Content (disabled) This policy warning reminds users that encrypted content may be scanned and monitored by WebMarshal. This page will only be displayed once a day for affected users, and only when WebMarshal processes encrypted data. You may want to customize the policy page for your company.

When a web request is received For any users And where addressed to any URL And where the content is inspected HTTPS content

Display Warning page once per day And continue processing rules

[Power User Policy] When a web request is received Where the user is a member of Power Users And where addressed to any URL


Block URL - Adult & Nudity Blocks sites contained in the Adult & Nudity category. USAGE: To block additional URLs add them into the 'Adult & Nudity' category. If sites need to be excluded from this rule, add URLs into the '[Exclude From Block URL Rules]' category grouping.

When a web request is received For any users And where the URL is a member of Adult & Nudity Except where the URL is a member of [Exclude From Block URL Rules]

Block access to this site and display BlockedOffensive page And do not process any further standard rules

Block URL - Advertisement (disabled) Blocks sites contained in the Advertising category. USAGE: To block additional URLs add them into the 'Advertising' category. If sites need to be excluded from this rule, add URLs into the '[Exclude From Block URL Rules]' category grouping.


When a web request is received For any users And where the URL is a member of Advertising Except where the URL is a member of [Exclude From Block URL Rules]

Block access to this site and display BlockedAdvertisingSmall page And do not process any further standard rules

Block URL - Social Networking Sites (disabled) Blocks sites contained in the Social Networking category. USAGE: To block additional URLs add them into the 'Social Networking' category. If sites need to be excluded from this rule, add URLs into the '[Exclude From Block URL Rules]' category grouping.

When a web request is received For any users And where the URL is a member of Social Networking Except where the URL is a member of [Exclude From Block URL Rules]


Block URL - Anonymizer Sites (disabled) Blocks sites contained in the Anonymizers & Remote Access category. USAGE: To block additional URLs add them into the 'Anonymizers & Remote Access' category. If sites need to be excluded from this rule, add URLs into the '[Exclude From Block URL Rules]' category grouping.

When a web request is received For any users And where the URL is a member of Anonymizers & Remote Access Except where the URL is a member of [Exclude From Block URL Rules]


Block URL - Translation Proxy Sites (disabled) Blocks sites contained in the Translation Proxies category. USAGE: To block additional URLs add them into the 'Translation Proxies' category. If sites need to be excluded from this rule, add URLs into the '[Exclude From Block URL Rules]' category grouping.

When a web request is received For any users And where the URL is a member of Translation Proxies Except where the URL is a member of [Exclude From Block URL Rules]


Block URL - Harmful & Stealth (disabled) Blocks sites contained in the Harmful & Stealth category. USAGE: To block additional URLs add them into the 'Harmful & Stealth' category. If sites need to be excluded from this rule, add URLs into the '[Exclude From Block URL Rules]' category grouping.

When a web request is received For any users And where the URL is a member of [Harmful & Stealth] Except where the URL is a member of [Exclude From Block URL Rules]


Block URL - Access by IP address (disabled) This rule blocks access if the URL used is an IP address.



Except where the URL is a member of [Exclude From Block URL Rules] And where the URL domain name is an IP address


Block URL - Time Wasting Inside Office Hours (disabled) Limits access to sites contained in the Time Wasting category, except outside of office hours. USAGE: To block additional URLs add them into the 'Time Wasting' category. If sites need to be excluded from this rule, add URLs into the '[Exclude From Block URL Rules]' category grouping. Modify the 'Business Hours' schedule as necessary.

When a web request is received For any users And where the URL is a member of [Time Wasting] Except where the URL is a member of [Exclude From Block URL Rules] And where the time of day is inside of Business Hours


Block URL - Gambling Sites (disabled) Blocks sites contained in the Gambling category. USAGE: To block additional URLs add them into the 'Gambling' category. If sites need to be excluded from this rule, add URLs into the '[Exclude From Block URL Rules]' category grouping.

When a web request is received For any users And where the URL is a member of Gambling Except where the URL is a member of [Exclude From Block URL Rules]


Block URL - Legal Risk Sites (disabled) Blocks sites contained in the Legal Risk category. USAGE: To block additional URLs add them into the '[Legal Risk]' category. If sites need to be excluded from this rule, add URLs into the '[Exclude From Block URL Rules]' category grouping.

When a web request is received For any users And where the URL is a member of [Legal Risk] Except where the URL is a member of [Exclude From Block URL Rules]


Block URL - R Rated & Profanity (disabled) Blocks sites contained in the R Rated & Profanity category. USAGE: To block additional URLs add them into the 'R Rated & Profanity' category. If sites need to be excluded from this rule, add URLs into the '[Exclude From Block URL Rules]' category grouping.

When a web request is received For any users And where the URL is a member of R Rated & Profanity Except where the URL is a member of [Exclude From Block URL Rules]


Block URL - All Unknown Sites (disabled) Blocks sites not contained in the any category. USAGE: If sites need to be excluded from this rule, ensure they belong to at least one category.

When a web request is received For any users


And where addressed to any URL Except where the URL is a member of [All URL Categories]


Block Download - Files Larger Than 20MB (disabled) Blocks large downloads. USAGE: Set the file size limit as required.

When a web request is received for download For any users And where addressed to any URL And where the transferred data size is Greater than 20480 KB

Block access to this site and display FileBlocked page And do not process any further standard rules

Block Upload - Files Larger Than 5MB (disabled) Use this rule to prevent users from wasting Internet bandwidth. USAGE: Set the file size limit as required.

When a web request is received for upload For any users And where addressed to any URL And where the transferred data size is Greater than 5120 KB

Block access to this site and display UploadBlocked page And send a notification email to the administrator And do not process any further standard rules

Block Upload - Restricted File Types (disabled) This rule blocks users from uploading restricted file types. USAGE: Modify this rule to specify file types you don't want users to upload.

When a web request is received for upload For any users And where addressed to any URL And where the file type is ENCRYPTED, EXECUTABLE

Block access to this site and display UploadBlocked page And do not process any further standard rules

Block File - Dangerous File Extensions (disabled) Block files which are known to be dangerous (such as VBScript) by the file extension. USAGE: Add or remove file names to the matched file list as required.


Block access to this site and display FileBlocked page And send a notification email to the administrator And do not process any further standard rules

Block File - File Sharing Files This rule blocks access to files associated with File Sharing. USAGE: Add or remove file names to the download file name list as necessary.

When a web request is received For any users And where addressed to any URL And where the file name matches *.torrent, apexdc*_*_*.*, aresregular*.exe, bittorrent-*.*, deluge-0*.tar.gz, emule0.*.*, emuleplus*.*, mldonkey-*.bz2, morpheus.exe, shareaza_*.*, torrentvolve*.*, utorrent*.exe, utorrent*.zip



Block File - Dangerous files (disabled) Blocks file types known to be potentially dangerous. USAGE: Add or remove file types to the matched file type list as required.

When a web request is received For any users And where addressed to any URL And where the file type is PST, OST, LNK, URL, CHM, REG, RCM, MSG, P7S, PGPSigned, AppleSingle, AppleDouble


Block File - Executables (disabled) This rule blocks Executable files.

When a web request is received For any users And where addressed to any URL And where the file type is EXECUTABLE


Block File - Documents (disabled) Blocks document files (including Microsoft Word, Excel).

When a web request is received For any users And where addressed to any URL And where the file type is DOCUMENT


Block File - Multimedia (disabled) Block multimedia (sound, video) files.

When a web request is received For any users And where addressed to any URL And where the file type is SOUND, AVI, MOV, MPG, DVM, FLI, FLC, FLV, OGV


Block File - Archives (disabled) Block Archive files. This rule does not examine the content of Archive files. If you need to implement control of Archived content, use a Content Analysis Rule.

When a web request is received For any users And where addressed to any URL And where the file type is ARCHIVE


Block File - Unknown Binary Files (disabled) Blocks binary files where the type can not be identified by WebMarshal WARNING: Enable this rule with extreme caution as it may have undesirable ramifications. Many legitimate and business-related sites and products use proprietary binary files for their normal operation. For example, enabling this rule could interfere with product updates or anti-virus updates. If you do enable the rule, the related problems can be mitigated by adding affected addresses to the '[Exclude From All Rules]' URL Category list.



And where addressed to any URL And where the file type is BIN


[Standard User Policy] When a web request is received Where the user is a member of Standard Users And where addressed to any URL





Block URL - Advertisement Blocks sites contained in the Advertising category. USAGE: To block additional URLs add them into the 'Advertising' category. If sites need to be excluded from this rule, add URLs into the '[Exclude From Block URL Rules]' category grouping.

When a web request is received For any users And where the URL is a member of Advertising Except where the URL is a member of [Exclude From Block URL Rules]


Block URL - Social Networking Sites (disabled) Blocks sites contained in the Social Networking category. USAGE: To block additional URLs add them into the 'Social Networking' category. If sites need to be excluded from this rule, add URLs into the '[Exclude From Block URL Rules]' category grouping.



Block URL - Anonymizer Sites Blocks sites contained in the Anonymizers & Remote Access category. USAGE: To block additional URLs add them into the 'Anonymizers & Remote Access' category. If sites need to be excluded from this rule, add URLs into the '[Exclude From Block URL Rules]' category grouping.




Block URL - Translation Proxy Sites Blocks sites contained in the Translation Proxies category. USAGE: To block additional URLs add them into the 'Translation Proxies' category. If sites need to be excluded from this rule, add URLs into the '[Exclude From Block URL Rules]' category grouping.



Block URL - Harmful & Stealth Blocks sites contained in the Harmful & Stealth category. USAGE: To block additional URLs add them into the 'Harmful & Stealth' category. If sites need to be excluded from this rule, add URLs into the '[Exclude From Block URL Rules]' category grouping.



Block URL - Access by IP address (disabled) This rule blocks access if the URL used is an IP address.

When a web request is received For any users And where addressed to any URL Except where the URL is a member of [Exclude From Block URL Rules] And where the URL domain name is an IP address


Block URL - Time Wasting Inside Office Hours (disabled) Limits access to sites contained in the Time Wasting category, except outside of office hours. USAGE: To block additional URLs add them into the 'Time Wasting' category. If sites need to be excluded from this rule, add URLs into the '[Exclude From Block URL Rules]' category grouping. Modify the 'Business Hours' schedule as necessary.



Block URL - Gambling Sites Blocks sites contained in the Gambling category. USAGE: To block additional URLs add them into the 'Gambling' category. If sites need to be excluded from this rule, add URLs into the '[Exclude From Block URL Rules]' category grouping.




Block URL - Legal Risk Sites Blocks sites contained in the Legal Risk category. USAGE: To block additional URLs add them into the '[Legal Risk]' category. If sites need to be excluded from this rule, add URLs into the '[Exclude From Block URL Rules]' category grouping.



Block URL - R Rated & Profanity (disabled) Blocks sites contained in the R Rated & Profanity category. USAGE: To block additional URLs add them into the 'R Rated & Profanity' category. If sites need to be excluded from this rule, add URLs into the '[Exclude From Block URL Rules]' category grouping.



Block URL - All Unknown Sites (disabled) Blocks sites not contained in the any category. USAGE: If sites need to be excluded from this rule, ensure they belong to at least one category.



Block Download - Files Larger Than 20MB (disabled) Blocks large downloads. USAGE: Set the file size limit as required.



Block Upload - Files Larger Than 5MB (disabled) Use this rule to prevent users from wasting Internet bandwidth. USAGE: Set the file size limit as required.



Block Upload - Restricted File Types This rule blocks users from uploading restricted file types. USAGE: Modify this rule to specify file types you don't want users to upload.

When a web request is received for upload For any users


And where addressed to any URL And where the file type is ENCRYPTED, EXECUTABLE


Block File - Dangerous File Extensions Block files which are known to be dangerous (such as VBScript) by the file extension. USAGE: Add or remove file names to the matched file list as required.






Block File - Dangerous files Blocks file types known to be potentially dangerous. USAGE: Add or remove file types to the matched file type list as required.



Block File - Executables This rule blocks Executable files.



Block File - Documents (disabled) Blocks document files (including Microsoft Word, Excel).




Block File - Multimedia (disabled) Block multimedia (sound, video) files.



Block File - Archives (disabled) Block Archive files. This rule does not examine the content of Archive files. If you need to implement control of Archived content, use a Content Analysis Rule.




When a web request is received For any users And where addressed to any URL And where the file type is BIN


[Restricted User Policy] When a web request is received Where the user is a member of Restricted Users And where addressed to any URL





Block URL - Advertisement Blocks sites contained in the Advertising category. USAGE: To block additional URLs add them into the 'Advertising' category. If sites need to be excluded from this rule, add URLs into the '[Exclude From Block URL Rules]' category grouping.



And where the URL is a member of Advertising Except where the URL is a member of [Exclude From Block URL Rules]


Block URL - Social Networking Sites Blocks sites contained in the Social Networking category. USAGE: To block additional URLs add them into the 'Social Networking' category. If sites need to be excluded from this rule, add URLs into the '[Exclude From Block URL Rules]' category grouping.



Block URL - Anonymizer Sites Blocks sites contained in the Anonymizers & Remote Access category. USAGE: To block additional URLs add them into the 'Anonymizers & Remote Access' category. If sites need to be excluded from this rule, add URLs into the '[Exclude From Block URL Rules]' category grouping.



Block URL - Translation Proxy Sites Blocks sites contained in the Translation Proxies category. USAGE: To block additional URLs add them into the 'Translation Proxies' category. If sites need to be excluded from this rule, add URLs into the '[Exclude From Block URL Rules]' category grouping.



Block URL - Harmful & Stealth Blocks sites contained in the Harmful & Stealth category. USAGE: To block additional URLs add them into the 'Harmful & Stealth' category. If sites need to be excluded from this rule, add URLs into the '[Exclude From Block URL Rules]' category grouping.



Block URL - Access by IP address This rule blocks access if the URL used is an IP address.

When a web request is received For any users And where addressed to any URL Except where the URL is a member of [Exclude From Block URL Rules] And where the URL domain name is an IP address



Block URL - Time Wasting Inside Office Hours Limits access to sites contained in the Time Wasting category, except outside of office hours. USAGE: To block additional URLs add them into the 'Time Wasting' category. If sites need to be excluded from this rule, add URLs into the '[Exclude From Block URL Rules]' category grouping. Modify the 'Business Hours' schedule as necessary.



Block URL - Gambling Sites Blocks sites contained in the Gambling category. USAGE: To block additional URLs add them into the 'Gambling' category. If sites need to be excluded from this rule, add URLs into the '[Exclude From Block URL Rules]' category grouping.



Block URL - Legal Risk Sites Blocks sites contained in the Legal Risk category. USAGE: To block additional URLs add them into the '[Legal Risk]' category. If sites need to be excluded from this rule, add URLs into the '[Exclude From Block URL Rules]' category grouping.



Block URL - R Rated & Profanity Blocks sites contained in the R Rated & Profanity category. USAGE: To block additional URLs add them into the 'R Rated & Profanity' category. If sites need to be excluded from this rule, add URLs into the '[Exclude From Block URL Rules]' category grouping.



Block URL - All Unknown Sites Blocks sites not contained in the any category. USAGE: If sites need to be excluded from this rule, ensure they belong to at least one category.




Block Download - Files Larger Than 20MB Blocks large downloads. USAGE: Set the file size limit as required.



Block Upload - Files Larger Than 5MB Use this rule to prevent users from wasting Internet bandwidth. USAGE: Set the file size limit as required.



Block Upload - Restricted File Types This rule blocks users from uploading restricted file types. USAGE: Modify this rule to specify file types you don't want users to upload.

When a web request is received for upload For any users And where addressed to any URL And where the file type is ENCRYPTED, EXECUTABLE


Block File - Dangerous File Extensions Block files which are known to be dangerous (such as VBScript) by the file extension. USAGE: Add or remove file names to the matched file list as required.






Block File - Dangerous files Blocks file types known to be potentially dangerous. USAGE: Add or remove file types to the matched file type list as required.




Block File - Executables This rule blocks Executable files.



Block File - Documents Blocks document files (including Microsoft Word, Excel).



Block File - Multimedia Block multimedia (sound, video) files.



Block File - Archives Block Archive files. This rule does not examine the content of Archive files. If you need to implement control of Archived content, use a Content Analysis Rule.




When a web request is received For any users And where addressed to any URL And where the file type is BIN



Permit - All other traffic Permit remaining traffic not previously blocked or permitted by preceding rules.



CONTENT ANALYSIS RULES

[Reporting Classification] When a web request is received For any users And where addressed to any URL


Classify - File Sharing (disabled) Scans for File sharing links and classifies matching pages as 'File Sharing & Downloads'. Access to the site is not blocked by this rule. USAGE: Turn on this rule to scan for, and classify, File Sharing content.

When a web request is received For any users And where addressed to any URL And where the content matches all of File Sharing

Skip any remaining rules in this container And classify the domain as File Sharing & Downloads

Classify - Weapons Content (disabled) Scans web pages for Weapons content and classifies matching pages as 'Time Wasting' . Access to the site is not blocked by this rule. USAGE: Turn on this rule to scan for, and classify, Weapons content.

When a web request is received For any users And where addressed to any URL And where the content matches all of Weapons


Classify - Gambling Content (disabled) Scans web pages for Gambling content and classifies matching pages as 'Time Wasting'. Access to the site is not blocked by this rule. USAGE: Turn on this rule to scan for, and classify, Gambling content.

When a web request is received For any users And where addressed to any URL And where the content matches all of Gambling


Classify - Gaming Content (disabled) Scans web pages for Gaming content and classifies matching pages as 'Time Wasting'. Access to the site is not blocked by this rule. USAGE: Turn on this rule to scan for, and classify, Gaming content.



And where addressed to any URL And where the content matches all of Gaming


Classify - Discussion Forum (disabled) Scans web pages for discussion forum content and classifies matching pages as 'Time Wasting'. Access to the site is not blocked by this rule. USAGE: Turn on this rule to scan for, and classify, Discussion Forum content.

When a web request is received For any users And where addressed to any URL And where the content matches all of Discussion Forums


Classify - Basic News Sites (disabled) Scans web pages for news content and classifies matching pages as 'News'. Access to the site is not blocked by this rule. USAGE: Turn on this rule to scan for, and classify, basic News content.

When a web request is received For any users And where addressed to any URL And where the content matches all of News

Skip any remaining rules in this container And classify the domain as News

Classify - Sports Content (disabled) Scans web pages for sports content and classifies matching pages as 'Sports'. Access to the site is not blocked by this rule. USAGE: Turn on this rule to scan for, and classify, Sports content.

When a web request is received For any users And where addressed to any URL And where the content matches all of Sports

Skip any remaining rules in this container And classify the domain as Sports

Classify - Stocks & Financial Sites (disabled) Scans web pages for financial stock trading content and classifies matching pages as 'Personal & Private Information'. Access to the site is not blocked by this rule. USAGE: Turn on this rule to scan for, and classify, Stock & Financial content.

When a web request is received For any users And where addressed to any URL And where the content matches all of Stocks & Financial

Skip any remaining rules in this container And classify the domain as Personal & Private Information

Classify - Anonymizers Scans web pages for Anonymizer content and classifies matching pages as 'Anonymizer'. Access to the site is not blocked by this rule. USAGE: Turn on this rule to scan for, and classify, Anonymizer content.

When a web request is received for download For any users And where addressed to any URL And where the content matches all of Anonymizers

Skip any remaining rules in this container And classify the domain as Anonymizer


Classify - Racist & Hate Content Scans web pages for Racist & Hate content and classifies matching pages as 'Legal Risk'. Access to the site is not blocked by this rule.

When a web request is received for download For any users And where addressed to any URL And where the content matches all of Racist & Hate

Skip any remaining rules in this container And classify the domain as Legal Risk

Classify - Offensive Language (disabled) Scans web pages for offensive language and classifies matching pages as 'R Rated & Profanity'. Access to the site is not blocked by this rule. USAGE: Turn on this rule to scan for, and classify, Offensive Language content.

When a web request is received For any users And where addressed to any URL And where the content matches all of Offensive Language

Skip any remaining rules in this container And classify the domain as R Rated & Profanity

Classify - Web Mail Content (disabled) Scans for web sites that appear to be mail sites and classifies matching pages as 'Time Wasting'. Access to the site is not blocked by this rule. USAGE: Turn on this rule to scan for, and classify, Web Mail content.

When a web request is received For any users And where addressed to any URL And where the content matches all of Web Mail




Scanning Bypass - Exclude From Malware Scanning This rules is used to bypass malware scanning for a specific set of URLs. USAGE: Add urls to the [Exclude From Malware Scanning] category to bypass malware scanning.

When a web request is received For any users And where the URL is a member of [Exclude From Malware Scanning]

Skip any remaining rules in this container

Block Malware - Virus Infected Files (disabled) This rule uses any installed Virus Scanners to scan for harmful downloads. To increase performance, common image and text files are excluded from scanning. Usage: Enable this rule after installing one or more Virus Scanners.

When a web request is received For any users And where addressed to any URL And for any file type Except where the file type is JPG, GIF, PNG, TEXT, HTML, JS, CSS And where the result of a malware scan by any virus scanner is Malware Found

Block the file and display FileBlockedVirus page Or abort the download of this file and display FileAbortedVirus page


And send a notification email to the administrator And classify the file as Malware And do not process any further content analysis rules

Block Malware - Virus Infected Files - EXTENSIVE (disabled) WARNING: With this rule enabled ALL files are scanned, including image and text files. While this gives full coverage of web downloads, it may cause a decrease in browsing performance. If this rule is enabled, the rule 'Block Malware - Virus Infected Files' becomes redundant and should be disabled. Usage: Enable this rule after installing one or more Virus Scanners. Ensure that 'Block Malware - Virus Infected Files' is disabled.

When a web request is received For any users And where addressed to any URL And where the result of a malware scan by any virus scanner is Malware Found

Block the file and display FileBlockedVirus page Or abort the download of this file and display FileAbortedVirus page And send a notification email to the administrator And classify the file as Malware And do not process any further content analysis rules

Block Malware - Spyware Infected Files (disabled) This rule uses any installed Spyware scanners to scan for harmful downloads. To increase performance, common image and text files are excluded from scanning. Usage: Enable this rule after installing one or more Spyware scanners.

When a web request is received For any users And where addressed to any URL And for any file type Except where the file type is JPG, GIF, PNG, TEXT, HTML, JS, CSS And where the result of a malware scan by any spyware scanner is Malware Found

Block the file and display FileBlockedSpyware page Or abort the download of this file and display FileAbortedSpyware page And send a notification email to the administrator And classify the file as Malware And do not process any further content analysis rules

Block Malware - Spyware Infected Files - EXTENSIVE (disabled) WARNING: With this rule enabled ALL files are scanned, including image and text files. While this gives full coverage of web downloads, it may cause a decrease in browsing performance. If this rule is enabled, the rule 'Block Malware - Spyware Infected Files' becomes redundant and should be disabled. Usage: Enable this rule after installing one or more Spyware Scanners. Ensure that 'Block Malware - Spyware Infected Files' is disabled.

When a web request is received For any users And where addressed to any URL And where the result of a malware scan by any spyware scanner is Malware Found

Block the file and display FileBlockedSpyware page Or abort the download of this file and display FileAbortedSpyware page And send a notification email to the administrator And classify the file as Malware And do not process any further content analysis rules

Block Malware - Malware Scanning Failure (disabled) If the configured Spyware or Virus scanner(s) fail to scan the file then this rule will prevent the user from receiving the unscanned file. USAGE: Enable this rule after installing one or more Spyware or Virus scanners.

When a web request is received For any users And where addressed to any URL And for any file type Except where the file type is JPG, GIF, PNG, TEXT, HTML, JS, CSS


And where the result of a malware scan by any scanner is Password Protected, File Corrupt, Could Not Unpack

Block the file and display FileBlockedMalicious page Or abort the download of this file and display FileAbortedMalicious page And classify the file as Malware And do not process any further content analysis rules

Block Malware - Malware Scanner Failure (disabled) If the configured Spyware or Virus scanner(s) fail to function this rule will notify the administrator and prevent the user from receiving the unscanned file. USAGE: Enable this rule after installing one or more Spyware or Virus scanners.

When a web request is received For any users And where addressed to any URL And for any file type Except where the file type is JPG, GIF, PNG, TEXT, HTML, JS, CSS And where the result of a malware scan by any scanner is Signatures Out Of Date, Update Failure, Unexpected Error

Block the file and display FileBlockedMalicious page Or abort the download of this file and display FileAbortedMalicious page And send a notification email to the administrator And classify the file as Malware And do not process any further content analysis rules

Permit - Full access for Unrestricted Users This rule bypasses all Content Analysis Rules, apart from Malware rules, for members of the 'Unrestricted Site Access' group. NOTE: For Malware rules to apply to Unrestricted Users this rule needs to be below the Malware rules.


Permit access And do not process any further content analysis rules

Permit - Exclude From All Rules This rule will bypass all remaining rules in this container for sites included in the '[Exclude From All Rules]' URL grouping. USAGE: To permit an additional URL, add it to the [Exclude From All Rules] category.



[Power User Policy] When a web request is received Where the user is a member of Power Users And where addressed to any URL


Block File - Encrypted Archives (disabled) Block Encrypted Archives.

When a web request is received For any users And where addressed to any URL And where the file type is SEA, SEAEncrypt, ARJsfxcrypt, RARsfxcrypt, ZIPsfxcrypt, SITEncrypt, ARJcrypt, RARcrypt, ZIPcrypt


Block the file and display FileBlocked page Or abort the download of this file and display FileAborted page And do not process any further content analysis rules

Block File - Executables (inc. archived Executables) (disabled) Block Executable files, even if contained within an archive file (such as Zip or RAR)

When a web request is received For any users And where addressed to any URL And where the file is or contains a file of type EXECUTABLE


Block File - Multimedia (inc. archived Multimedia) (disabled) Block Multimedia files, even if contained within an archive file (such as Zip or RAR).

When a web request is received For any users And where addressed to any URL And where the file is or contains a file of type SOUND, AVI, MOV, MPG, DVM, FLI, FLC, FLV, OGV


Block File - Encrypted Files (disabled) Block encrypted files.

When a web request is received For any users And where addressed to any URL And where the file is or contains a file of type ENCRYPTED


Block File - Unpacking Error Block downloads where WebMarshal is unable to unpack file for analysis. Unpacking errors are typically associated with file corruption issues.

When a web request is received For any users And where addressed to any URL And where an error occurs while unpacking

Block the file and display Blocked page Or abort the download of this file and display FileAborted page And do not process any further content analysis rules

Block Upload - Offensive Text Content (disabled) Prevents users from uploading offensive text (typically to a web mail site or forum).

When a web request is received for upload For any users And where addressed to any URL And where the content matches any of Pornographic, Offensive Language, Racist & Hate

Block the file and display UploadBlockedTextCensor page Or abort the download of this file and display FileAborted page And do not process any further content analysis rules


Block Upload - Forum Posting (disabled) Prevents Users from uploading data on Discussion and Forum sites.

When a web request is received for upload For any users And where the URL is a member of Blogs, Personal Pages & Forums

Block the file and display UploadBlocked page Or abort the download of this file and display FileAborted page And do not process any further content analysis rules

Block Upload - WebMail (disabled) Prevents Users from uploading data on Web Mail sites.

When a web request is received for upload For any users And where the URL is a member of Web Mail And where the transferred data size is Greater than 1 KB


Block Upload - Job Site Posting (disabled) Prevents users from uploading data on Jobs Search sites (e.g. Monster.com).

When a web request is received for upload For any users And where the URL is a member of Job Search And where the transferred data size is Greater than 1 KB


Block Upload - Confidential Content This rule scans content which is being uploaded for keywords indicating potential data leakage. NOTE: This includes any online forms such as Web Mail, Forums and Personal Pages as these uploads are handled as TEXT.

When a web request is received for upload For any users And where addressed to any URL And where the file type is DOCUMENT, TEXT, FORMTXT And where the content matches all of Confidential Data Leakage


Block Upload - All Documents (disabled) This rule blocks all uploads of typical documents (Word, Excel, PDF etc.). NOTE: This rule is quite restrictive and should be applied with care.

When a web request is received for upload For any users And where addressed to any URL And where the file type is DOCUMENT


Block Upload - Suspected Resumes This rule scans uploaded documents for keywords associated with resumes and CVs.

When a web request is received for upload For any users


And where addressed to any URL And where the file type is DOCUMENT, TEXT And where the content matches all of Resumes and CVs


Block Download - Adult & Nudity Content (disabled) Scans web pages for Adult & Nudity type content and blocks any matching pages.

When a web request is received for download For any users And where addressed to any URL And where the content matches any of Pornographic, Age Verification

Block the file and display FileBlockedTextCensorOff page Or abort the download of this file and display FileAborted page And classify the file as Adult & Nudity And do not process any further content analysis rules

Block Download - Browser Hijack (disabled) Scans for commands which may alter your browser settings and adds matching pages to the 'Harmful & Stealth' category.

When a web request is received for download For any users And where addressed to any URL Except where the URL is a member of [All URL Categories] And where the content matches all of Browser Hijack

Block the file and display FileBlockedTextCensor page Or abort the download of this file and display FileAborted page And add the URL to the category Security Threats And classify the domain as Harmful & Stealth And do not process any further content analysis rules

Block Download - Adult & Nudity Mail Content (disabled) Scans for pornographic content in Web Mail. Access is blocked if such content is found, but WebMarshal does not add the site to the 'Adult & Nudity' category.

When a web request is received for download For any users And where the URL is a member of Web Mail And where the content matches all of Pornographic


Block Download - Cached Search Results (disabled) Detects attempts to bypass WebMarshal filtering using search engine cache services. Access is allowed after a warning is given.

When a web request is received for download For any users And where addressed to any URL And where the content matches all of Cached Search Engine Results

Block the file and display Blocked page Or abort the download of this file and display FileAborted page And classify the domain as Anonymizer And do not process any further content analysis rules


Block Download - Offensive Content (disabled) Scans web pages for offensive content, blocking matching pages. NOTE: This rule provides up-front blocking of offensive content. This rule is very restrictive and should be used with caution.

When a web request is received for download For any users And where addressed to any URL Except where the URL is a member of [All URL Categories] And where the content matches any of Offensive Language

Block the file and display FileBlockedTextCensorOff page Or abort the download of this file and display FileAborted page And do not process any further content analysis rules

[Standard User Policy] When a web request is received Where the user is a member of Standard Users And where addressed to any URL


Block File - Encrypted Archives Block Encrypted Archives.



Block File - Executables (inc. archived Executables) (disabled) Block Executable files, even if contained within an archive file (such as Zip or RAR)



Block File - Multimedia (inc. archived Multimedia) (disabled) Block Multimedia files, even if contained within an archive file (such as Zip or RAR).



Block File - Encrypted Files Block encrypted files.







Block Upload - Offensive Text Content Prevents users from uploading offensive text (typically to a web mail site or forum).



Block Upload - Forum Posting (disabled) Prevents Users from uploading data on Discussion and Forum sites.



Block Upload - WebMail (disabled) Prevents Users from uploading data on Web Mail sites.



Block Upload - Job Site Posting (disabled) Prevents users from uploading data on Jobs Search sites (e.g. Monster.com).







Block Upload - All Documents (disabled) This rule blocks all uploads of typical documents (Word, Excel, PDF etc.). NOTE: This rule is quite restrictive and should be applied with care.




When a web request is received for upload For any users And where addressed to any URL And where the file type is DOCUMENT, TEXT And where the content matches all of Resumes and CVs


Block Download - Adult & Nudity Content Scans web pages for Adult & Nudity type content and blocks any matching pages.





Block the file and display FileBlockedTextCensor page Or abort the download of this file and display FileAborted page And add the URL to the category Security Threats


And classify the domain as Harmful & Stealth And do not process any further content analysis rules

Block Download - Adult & Nudity Mail Content (disabled) Scans for pornographic content in Web Mail. Access is blocked if such content is found, but WebMarshal does not add the site to the 'Adult & Nudity' category.



Block Download - Cached Search Results (disabled) Detects attempts to bypass WebMarshal filtering using search engine cache services. Access is allowed after a warning is given.



Block Download - Offensive Content (disabled) Scans web pages for offensive content, blocking matching pages. NOTE: This rule provides up-front blocking of offensive content. This rule is very restrictive and should be used with caution.



[Restricted User Policy] When a web request is received Where the user is a member of Restricted Users And where addressed to any URL


Block File - Encrypted Archives Block Encrypted Archives.




Block File - Executables (inc. archived Executables) Block Executable files, even if contained within an archive file (such as Zip or RAR)



Block File - Multimedia (inc. archived Multimedia) Block Multimedia files, even if contained within an archive file (such as Zip or RAR).



Block File - Encrypted Files Block encrypted files.






Block Upload - Offensive Text Content Prevents users from uploading offensive text (typically to a web mail site or forum).



Block Upload - Forum Posting Prevents Users from uploading data on Discussion and Forum sites.




Block Upload - WebMail Prevents Users from uploading data on Web Mail sites.



Block Upload - Job Site Posting Prevents users from uploading data on Jobs Search sites (e.g. Monster.com).






Block Upload - All Documents This rule blocks all uploads of typical documents (Word, Excel, PDF etc.). NOTE: This rule is quite restrictive and should be applied with care.




When a web request is received for upload For any users And where addressed to any URL And where the file type is DOCUMENT, TEXT And where the content matches all of Resumes and CVs



Block Download - Adult & Nudity Content Scans web pages for Adult & Nudity type content and blocks any matching pages.





Block the file and display FileBlockedTextCensor page Or abort the download of this file and display FileAborted page And add the URL to the category Security Threats And classify the domain as Harmful & Stealth And do not process any further content analysis rules

Block Download - Adult & Nudity Mail Content Scans for pornographic content in Web Mail. Access is blocked if such content is found, but WebMarshal does not add the site to the 'Adult & Nudity' category.



Block Download - Cached Search Results Detects attempts to bypass WebMarshal filtering using search engine cache services. Access is allowed after a warning is given.



Block Download - Offensive Content Scans web pages for offensive content, blocking matching pages. NOTE: This rule provides up-front blocking of offensive content. This rule is very restrictive and should be used with caution.




Permit - All other traffic Permit remaining traffic not previously blocked or permitted by preceding rules.



© Copyright 2010 M86 Security. All rights reserved. M86 Security is a registered trademark of M86 Security. All other product and company names mentioned herein are trademarks or registered trademarks of their respective companies.

ABOUT M86 SECURITY M86 Security is a global provider of Web and messaging security products, delivering comprehensive protection to more than 20,000 customers and over 16 million users worldwide. As one of the largest independent internet security companies, we have the expertise, product breadth and technology to protect organizations from both current and emerging threats. Our appliance, software and cloud-based solutions leverage real-time threat data to proactively secure customers’ networks from malware and spam; protect their sensitive information; and maintain employee productivity. The company is based in Orange, California with international headquarters in London and offices worldwide. For more information about M86 Security, please visit www.m86security.com.

TRY BEFORE YOU BUY M86 Security offers free product trials and evaluations. Simply contact us or visit www.m86security.com/downloads

Corporate Headquarters 828 West Taft Avenue Orange, CA 92865 United States

Phone: +1 (714) 282-6111 Fax: +1 (714) 282-6116

International Headquarters Renaissance 2200 Basing View, Basingstoke Hampshire RG21 4EQ United Kingdom Phone: +44 (0) 1256 848080 Fax: +44 (0) 1256 848060

Asia-Pacific Millennium Centre, Bldg C, Level 1 600 Great South Road Ellerslie, Auckland, 1051 New Zealand Phone: +64 (0) 9 984 5700 Fax: +64 (0) 9 984 5720 Version 10.19.10