SurfControl Web Filter v5.5 Administrator’s Guide 13
B
ASIC
C
ONFIGURATION
Basic Rule Configuration
2
BASIC RULE CONFIGURATION
SurfControl Web Filter uses rules, which you can use to apply your Acceptable Use Policy to your users.
There are three types of rules:
• Allow - Uses positive filtering to give access. This is the default setting for any new rule you create.
• Disallow - Uses negative filtering to deny access.
• Allowance - Uses a combination of positive and negative filtering to set up limits for internet access.
The allowance value can either be time based (allowing access for a predefined time limit), or value
based (allowing only a predefined amount of bandwidth to be consumed). Once these limits have been
reached, access is blocked.
Rules are created and activated from the Rules Administrator, which you can access via the Web Filter
Manager > Content Protection option for your collector or database, or from the Start > All Programs >
SurfControl Web Filter menu. Web Filter rules consist of various objects which can be configured to suit
your needs. To help you, the Rules Administrator comes supplied with some preconfigured rules. If you
wish to implement any of these rules, all you have to do is activate them. You can do this in the following
way from the Rules Administrator interface:
1 Select the check box to the left of the rule you wish to activate, or right-click the rule you want to
activate and select Active from the right-click menu.
2 Click Commit to save the changes to your database.
RECOMMENDATIONS FOR CREATING AND APPLYING RULES
Before building your own rules, consider altering one of the preconfigured rules in the list. To examine the
rule’s objects, select a rule and from the right-click menu, select properties. You can check how the rule
objects have been used, and modify the settings for each one. For an in depth description of the various
rule objects, see Chapter 7.
When applying rules keep the following in mind:
• Rules are read sequentially and will not be overwritten by a rule that follows. The fewer rules you have,
the more efficiently Web Filter will perform.
• Rules are processed from the top of the list in the Rule Panel downwards. Rules which are applied to
individuals or small groups should be placed near the top of the list.
• NEVER set up a "Disallow, Anybody, Anywhere, Anytime" rule because it will block all access
throughout your network. It is recommended that you test rules on a single machine before
implementing a network-wide policy.
• It is strongly recommended that only one user modifies rules in the Rules Administrator at any one
time. This is to prevent any corruption of the database which will cause the Rules Administrator to
crash, rendering it inoperable.