Hello all,
Today I will share few important and quick view at the SafeSquid-SWG Policy Making.
One of the most asked question and query while using SafeSquid-SWG is
1. How do we block a particular site?
2. We have made a lot of config changes and now we want to block some sites, how do we do that?
3. How do we blocka list of websites?
4. We receive a list of websites from our SOC team in daily basis, how can we block it for all the users?
5. Where can we config to block websites?
6. We want to block all the websites and allow specific websites??
And many more
These questions are asked by most of the clients who use SafeSquid-SWG, who wants to understand SafeSquid and then implement it in their environment. And also by most of the freemium users
Before Proceeding ahead by answering these questions, we first need to understand SafeSquid-SWG Policy Walkthrough.
The below link examples each field and use case of SafeSquid Access Policies.
https://docs.safesquid.com/wiki/Access_Profiles
Working of SafeSquid Policy Configuration is explained in the below Post
Working of SafeSquid-SWG ( Application Configuration Working Perspective )
Link : viewtopic.php?f=61&t=180
-------------------------------------
Quick & Easy Answer
-------------------------------------
The above Forum Post Explains the working of the Policy in SafeSquid-SWG, it explains the Top-To-Bottom Approach of the Policy.
Therefore inorder to block a website in SafeSquid-SWG we need to create a policy at the bottom of the Access Policies Section.
-----------------------------------
InDetailed Answer
-----------------------------------
Inorder to Block a website we need to first Identify the Website either by Categorising it in a Private Category or Using the Request Profiles.
Further Detailing it.
The Problem SOP ( Standard Operating Procedure ) of creating a policy in SafeSquid-SWG is following the Policy Creation Path
1. Identification ( Identifying The UserGroup, Website, Request Pattern (header pattern), Client IP etc
2. Applying Restriction Rule ( Allow / Block )
To Identify a website we can group them in two form
1. Add it to a Category
2. Add it to a Request Types
Both ways can be used to Identify the website.
Note: Web Category is used in Priority as it is Flexible, easy to add, maintain website list , it is easily accessible via a Flat file and therefore can be easible transformed and transported to any other application.
Once a website is added to a web category or a Request Profile.
Then the Access Policies can be used to apply restriction on this Identified Web Request.
A quick Policy created at the bottom can block that particular website.
If the user wants to block a new site, he can easily do that without adding a new policy of making changes in the current policy.
He can just add that website to the respective web category or request profile.
This is the easy and quick explaination of Blocking a particular website using SafeSquid-SWG
*** ATTACHMENTS WILL BE ADDED SOON