Tuesday, April 18, 2017

Web Protection Part 2: Setting up a New Policy


In Part 1, we discussed how to have the initial conversation with your client's concerning Web Protection and how their company handles monitoring and managing their user's web activity. We now move into setting up a demonstration for the client to illustrate the benefits of Web Protection. To start out with your new customer, you can offer to run Web Protection on a single, active device for 30 days in order to collect data. This information is what can be viewed per device, and is what drives the generated ports. This demonstration gives you the best opportunity to illustrate the type of data that the client is not currently capturing, and helps them ensure that they are monitoring web access effectively.



The first task towards this demonstration is to create a Web Protection Policy that does not block anything. To accomplish this, please reference the following:

  1. Click on Settings
  2. Select Web Protection
  3. Select Protection Policy 
  4. On the Policy screen, click the New button
  5. Name the Policy
  6. Select an existing policy to base this new one off of
  7. For Policy Type, as this is a demo, select All
  8. Click Add
Once this is done, you will be greeted with a screen for editing the Policy. As this is the demo, you will want to clean up some of the options.

General Tab



Under the General Tab, you can adjust your custom block message with the WYSIWYG Editor. Additionally, you can adjust the Reputation rating and block range as well as choose the customer interaction options. Please note that the default Reputation may be 35 or 39. 35 is the recommend setting.

Installation Settings


Under the Installation Settings Tab, you can customize the information relating to Web Protection and how it installs. Please Note: If you want to Brand your installations of Web Protection with your company information, you will want to set up this portion before deployment of the Web Protection feature.

Web Security and Category Filtering


For the Web Security and Category Filter Tabs, you will want to allow all of these items. This is to ensure that you are capturing the requests without disrupting web flow on the device. Remember, Web Protection is meant as a tool to show what is being accessed versus what should have been blocked. Take note of the categories you allowed when you are looking at the reporting later on with the client. You will want to highlight where web requests would have normally been blocked.

Whitelist and Blacklist


For this demo, you will not need to add anything to the whitelist or the blacklist.

Schedule


You also will not need to edit or make adjustments to the schedule.

Checks


Under the Checks tab, you can turn on the Web Bandwidth Check and set the limit for the threshold. This is helpful if a client has a limited bandwidth and feels that the internet is being abused by employees. The check alerting gives you another talking point for the benefits of Web Protection.

Reporting


You will not need to set any URL's to block from reports under the Reporting tab.

Note: This is the Demonstration Policy that you are deploying to begin generating information for reports in the Dashboard. These settings are not recommended for regular use, only to demonstrate to a client what Web Protection can capture on their devices.

This policy is now ready to deploy for a new demonstration. Let's take a quick look on how to deploy Web Protection for the client demonstration.

  1. In the Dashboard, navigate to the active device where Web Protection will be tested
  2. Double-click the device to access its edit view
  3. Select Web Protection from the left menu
  4. On the right, change the drop down menu to On
  5. For the policy, select your Demonstration policy from the drop down menu
  6. Click OK
  7. Allow a few minutes for the Web Protection to deploy to that single device. 
Later on, when you sign the client to using Web Protection, you will want to come back and edit this computer to instead use the policy settings. 


Need to talk to your client about Web Protection? Check out Part 1 for tips on how to start up that conversation and explore the use of Web Protection.
Itching to do that first deploy? Check out Part 3 for how to deploy the feature, work with reports, and view tips on working with Web Protection.

No comments:

Post a Comment