This article applies to:
- WebMarshal 6.1 and above
- HTTPS inspection
Question:
- How do I block downloads from HTTPS sites?
Procedure:
To check HTTPS URLs and content, you must complete three steps:
- Enable HTTPS content inspection
- Set up HTTPS rules to inspect sites of interest
- Use a Standard or Content Analysis rule to check the actual content
Enabling HTTPS content inspection
To enable HTTPS Content Inspection, in the WebMarshal Console, navigate to Tools > Global Settings > Policy Element Settings > HTTPS Content Inspection.
Enable inspection and ensure that the WebMarshal certificate is distributed to user workstations.
For details of the procedures, see the User Guide and Help.
- CAUTION: Carefully consider your organizational security and privacy policy. Ensure that users are aware of the fact that secure information is being inspected.
Setting up HTTPS rules
To inspect content for specific sites, in the WebMarshal Console see Access Policy > HTTPS Rules.
In a default installation of the latest version of WebMarshal, Webmail and social networking sites are inspected by default.
You can choose to inspect some or all sites.
- For instance, you can enable the default rule Inspect - All Other HTTPS Sites. This rule reads as follows:
When a web request is received
For any users
And where addressed to any URL
Permit access and inspect content
And do not process any further HTTPS rules
- CAUTION: You should strongly consider excluding known and trusted sites from inspection.
Checking site content
Once a HTTPS site is added to the list of inspected sites, all WebMarshal Standard and Content Analysis rules will apply to that site.