-
Create custom Categories (e.g., Vendor, Company Whitelisted Websites, Company Blacklisted Websites).
You may create additional categories later if required. -
Add websites to custom categories. You may add or remove websites from any of the categories later.
-
Create Virtual User Groups in Access Restrictions depending on the business or technical roles that require users to access web (e.g., Admin Users, General Users). You may do this by combining users or user groups from the Active Directory. Specify the business role in the Comment rule of the Entry.
-
Create an Entry in Access Profiles to block all access and remember to keep it on the top (First Entry).
-
Create an Entry in Access Profiles to block websites belonging to threatful or inappropriate categories. Keep this as the second Entry in the list.
-
Create Entries to Allow access to the custom categories based on their business roles. Keep Entries at the bottom of the list is highly recommended.
-
If you want to implement a lenient strategy:
a. Set the first Entry that blocks access to all websites, to Enabled: False.
b. If you want to control leniency by allowing only limited access to all sites, keep the rule Enabled: True, but Add Profile: Read Only, to block exchange of cookies, and thus prevent users from logging into unwanted websites.
c. Create Entries that restrict Download / Upload of undesirable data types such as videos / executable, by setting the Action to Allow / Block based on User group, Category and data type.