Add a web policy

  1. Go to Web > Policies and click Add policy.
  2. Enter a name.
  3. Add rules.
  4. Optional Scroll to Search engine enforcement and specify settings.

    Enforce SafeSearch

    Prevent potentially inappropriate images, videos, and text from appearing in Google, Yahoo, and Bing search results. You can reduce the risk of exposure to explicit content by enabling additional filters that display only images with a Creative Commons license.

    Note For Bing and Yahoo, SafeSearch can be enforced on HTTPS connections only if HTTPS scanning is enabled in the firewall rule.

    Enforce YouTube restrictions

    Prevent access to potentially inappropriate content by restricting which videos are returned in YouTube search results.

  5. Optional Scroll down to Policy quota status and select the allowed time quota.

    Using time quota, you can allow access to restricted websites for a limited period. This applies to all the restricted web categories in the policy with a quota action. Time quota applies to all the rules in the web policy. Users can have individual quotas for each web policy.

    Create a web policy with a rule for the categories Online shopping and Unproductive browsing with Action set to Quota HTTP and Quota HTTPS. You then set Allowed time quota to two hours. The users specified in the rule can access websites in these categories for two hours in a 24-hour period.

    However, if you want to set individual time quotas for the two categories, you need to create two web policies.

    Note You can't set the quota to zero. Time quotas are reset at midnight local time.

    Quota doesn't apply to Activities set to a content filter or to dynamic categories. Example: Web content with ActiveX, applets, cookies.

  6. Optional Scroll to Advanced settings and specify settings.

    Enable logging and reporting

    Include this policy in logs and reports.

    Prevent downloading of large files

    Prevent downloading files greater than the size specified.

    Restrict login domains for Google Apps

    Allow users to sign in to Google Apps (example: Gmail, Drive) only with the domains specified. For example, you can allow users to access these services only through their corporate Google account.

  7. Click Save.

For the policy to take effect, add it to a firewall rule.