Web Filtering

Administrators can limit access to websites by defining Web Filter Policies.

Once a policy is created it can be assigned to any number of groups via Group Setting or directly to Workspaces . Policies set on the Workspaces take priority over those assigned to Groups.

../_images/denied.png

Denied Request

Configuration

../_images/policy.webp

Filter Policy

../_images/policy2.webp

Filter Policy Advanced

Note

Use of the Categorization requires a license. Kasm Workspaces must also have live internet access to communicate with the categorization service. Please contact your Kasm Technologies representative for details.

Property

Description

Name

A name for the policy

Description

A description for the policy

Deny By Default

If checked, all requests will be denied unless the domain is added to the Domain Whitelist, or the category of the domain is set to allow.

If unchecked, all requests will be allowed unless the domain is added to the Domain Blacklist, or the category of the domain is set to deny.

Domain Blacklist

A list of domains to reject. Enter one domain per line. Sub-domains are automatically matched unless explicitly defined elsewhere.

Domain Whitelist

A list of domains to allow. Enter one domain per line. In the event of a conflict, the blacklist takes priority. Sub-domains are automatically matched unless explicitly defined elsewehere.

Enable Safe Search

When enabled, Safe Search for popular search engines will enforced using the Safe Search Patterns. Google, Bing, Yandex, DuckDuckGo, and Yahoo are supported by default.

Enable Categorization

If checked, requested domains will be checked against Kasm’s url categorization service. Each category can be set to Allow, Deny, or Inherit. Inherited categories will utilize the Deny By Default setting.

Domains specified in the Domain Whitelist or Domain Blacklist take priority over categorization.

URL Categories

Administrators can choose to Allow, Deny or Inherit the default rule for each category. If Inherit is selected, the category will be allowed/denied based on the Deny By Default setting

Disable Logging

When enabled, no access related logs will be produced.

Safe Search Patterns

A data structure containing the URL rewrite rules used to apply Safe Search.

SSL Bypass Domains

Web Filtering uses SSL inspection technology to enforce policy. In some cases, this technology will not be compatible with a website. Administrators can enter a list of domains that will bypass this inspection to restore functionality. Enter one domain per line. To match all subdomains domains, prefix a period before the domain .google.com

SSL Bypass IPs

Web Filtering uses SSL inspection technology to enforce policy. In some cases, this technology will not be compatible with a website. Administrators can enter a list of IPs that will bypass this inspection to restore functionality. Enter an IP or CIDR notation one per line.