Issue:
How to create a profile for Elements Endpoint Protection (EPP for Computers and EPP for Servers) that blocks every internet website (URLs) except for allowed or whitelisted pages?
Resolution:
You can block everything except allowed sites by following these steps:
- Log in to the Elements Endpoint Protection Portal
- Go to the Profiles page
- Select the profile you want to edit
- Go to the Browsing protection settings page
- In the Reputation-based browsing section, enable Block everything except allowed sites
- Click Save and publish
To add sites to the allowed sites list:
- Scroll down to the Web site exceptions section and enable it
- Click the Add site button under Allowed sites
- Add the site domain address. Example: Google.com
- Click Save and publish
When a website is blocked by F-Secure Browsing protection, the user will receive a Website denied block page. This block page will show the message "You can only access these websites:" and then list all the allowed websites.
If the user has administrator rights and local settings changes has been allowed from the profile, the user can click on Allow this website to allow the site they are currently trying to reach. If a local user wants to allow other sites, they can click on the Allowed and denied websites link on the block page and click Add new.
If you do not wish to block all websites, but just specific categories of websites, Elements Endpoint Protection products have the Web content control feature, which can restrict web browsing based off of the category filtering setting (example: "drugs", "adult", "games" etc.). If the website fits into one of the disallowed categories, access to the website can be blocked.
To enable Web Content control:
- Log in to the Elements Endpoint Protection Portal
- Go to the Profiles page
- Select the profile you want to edit
- Go to the Browsing protection settings page
- Scroll down to the Web content control section and enable it
- Enable the categories, which you want to disallow
- Click Save and publish
Note: Websites that are listed in the Allowed sites list will not be blocked even if the website belongs to a disallowed category.
If you do not want to have local users to be able to continue to blocked pages or add allowed sites locally, enable the following settings from the Endpoint Protection profile:
- Go to the Browsing protection settings page
- Disable Allow user to continue to blocked pages and lock the setting with the lock
- Scroll down to the Sites section and lock the setting
- Click Save and publish
Article no: 000009566