Configure default settings for controlling access to certain kinds of websites.
Name: Enter a descriptive name for this filter action.
Allow/Block selection: Decide whether your selection of website categories should be allowed or blocked. The following options are available:
- Allow all content, except as specified below.
- Block all content, except as specified below.
If you select Allow all content, except as specified below then all categories groups are defaulted to Allow, and can be changed to either Warn, Block or Quota. If there are categories that are not displayed here as part of a category group, they will also be allowed. If a website is a member of multiple categories and any of the categories are blocked, then the website is blocked.
If you select Block all content, except as specified below then all categories groups are defaulted to Block, and can be changed to either Warn or Allow. If there are categories that are not displayed here as part of a category group, they will also be blocked. If a website is a member of multiple categories and any of the categories are allowed, then the website is allowed.
Note – All site categories that have been set to Quota will count towards available quota time. Available quota time resets at midnight, or can be reset manually on the Web Protection > Policy Helpdesk > Quota Status page. You can set the available quota time on the Additional Options page of the Filter Action wizard.
Note – Advanced Threat Detection can detect and block additional Malware communication. This can be configured in Advanced Protection > Advanced Threat Protection > Global.
Categories: You can set whether you want users visiting websites of each category to be allowed, warned, blocked, or to count towards the users' available quota time. If you select Warn or Quota, users browsing to a site in that category will first be presented with a warning page, but they can proceed to the site if they choose.
Note – There are 107 categories that are by default grouped together into 18 “Filter Categories”. These can be configured under Web Protection > Filtering Options > URL Filtering Categories. The Filter Action Wizard displays all Filter Categories that have been configured.
Block websites with a reputation below a threshold of: Websites can be classified as either Trusted, Neutral, Unverified, Suspicious, or malicious, the latter not being listed. Unclassified websites are referred to as Unverified. You can select which reputation a website requires in order to be allowed access from your network. Websites below the selected threshold will be blocked. Note that this option is only available if the first option on the page is set to Allow.
Note – For more information on website reputations, see https://secure2.sophos.com/en-us/threat-center/reassessment-request.aspx. Here, you can request a categorization of yet uncategorized websites or inform yourself about existing categories for Sophos UTM on AWS.
Click Next to proceed to the next configuration page, Save to save your configuration, or Cancel to discard all changes and close the configuration dialog.