Web control policy / Full Web Control
Parent topic: Full Web Control Previous topic: Full Web Control Next topic: Exploit prevention policy

Turn on Full Web Control

Note: The following procedure assumes that you have a Sophos Web Appliance, Sophos Management Appliance, or Sophos UTM appliance (version 9.2 or later) that is configured, fully functioning, and using endpoint web control.

By default, the web control policy is turned off. Perform the following steps to enable web control and use the Full Web Control policy.

Note: If you use role-based administration:
  • You must have the Policy setting - web control right to edit a web control policy.
  • You cannot edit a policy if it is applied outside your active sub-estate.

For more information about role-based administration, see Managing roles and sub-estates.

To turn on Full Web Control:

  1. Check which web control policy is used by the group(s) of computers you want to configure. For more information, see Check which policies a group uses.
  2. In the Policies pane, double-click Web control. Then double-click the policy you want to change.
    The Web Control Policy dialog box is displayed.
  3. On the General tab, click Enable web control.
  4. Select Full Web Control.
  5. In the Settings panel, enter the Appliance Hostname and Security Key for Policy Exchange.
    • For a Web Appliance or Management Appliance, you must provide a fully qualified hostname. The security key must match the one that is displayed on the Endpoint Web Control page of the appliance.
    • For UTM, enter the Hostname and the Shared Key of the Sophos LiveConnect broker used by UTM. They can be found in the UTM administrative interface WebAdmin, on the Endpoint Protection > Computer Management > Advanced tab, in the Sophos LiveConnect – Registration section under SEC Information.
    For more information, see the Sophos Web Appliance documentation available at http://wsa.sophos.com/docs/wsa/ or UTM appliance documentation available at http://www.sophos.com/en-us/support/documentation/sophos-utm.aspx.
  6. Optionally, select Block browsing if the website category cannot be determined. If an endpoint computer is unable to retrieve data about website categorization, URLs that cannot be categorized are blocked until the service is restored.
    This check box is not selected by default, which allows users to continue browsing if the categorization service fails.
  7. Click OK.
    Enterprise Console reconfigures endpoint computers to communicate with the Web Appliance, Management Appliance, or Sophos LiveConnect broker used by UTM.
Parent topic: Full Web Control Previous topic: Full Web Control Next topic: Exploit prevention policy
© 2000–2017 Sophos Limited. All rights reserved.