Web Filtering

Administrators can limit access to websites by defining Web Filter Policies.

Once a policy is created it can be assigned to any number of groups via Group Setting or directly to Workspaces . Policies set on the Workspaces take priority over those assigned to Groups.

../_images/denied.png — **Denied Request**

Configuration

../_images/policy.webp — **Filter Policy**

../_images/policy2.webp — **Filter Policy Advanced**

Note

Use of the Categorization requires a license. Kasm Workspaces must also have live internet access to communicate with the categorization service. Please contact your Kasm Technologies representative for details.

Property	Description
Name	A name for the policy
Description	A description for the policy
Deny By Default	If checked, all requests will be denied unless the domain is added to the Domain Whitelist, or the category of the domain is set to allow. If unchecked, all requests will be allowed unless the domain is added to the Domain Blacklist, or the category of the domain is set to deny.
Domain Blacklist	A list of domains to reject. Enter one domain per line. Sub-domains are automatically matched unless explicitly defined elsewhere.
Domain Whitelist	A list of domains to allow. Enter one domain per line. In the event of a conflict, the blacklist takes priority. Sub-domains are automatically matched unless explicitly defined elsewehere.
Enable Safe Search	When enabled, Safe Search for popular search engines will enforced using the Safe Search Patterns. Google, Bing, Yandex, DuckDuckGo, and Yahoo are supported by default.
Enable Categorization	If checked, requested domains will be checked against Kasm’s url categorization service. Each category can be set to Allow, Deny, or Inherit. Inherited categories will utilize the Deny By Default setting. Domains specified in the Domain Whitelist or Domain Blacklist take priority over categorization.
URL Categories	Administrators can choose to Allow, Deny or Inherit the default rule for each category. If Inherit is selected, the category will be allowed/denied based on the Deny By Default setting
Disable Logging	When enabled, no access related logs will be produced.
Safe Search Patterns	A data structure containing the URL rewrite rules used to apply Safe Search.
SSL Bypass Domains	Web Filtering uses SSL inspection technology to enforce policy. In some cases, this technology will not be compatible with a website. Administrators can enter a list of domains that will bypass this inspection to restore functionality. Enter one domain per line. To match all subdomains domains, prefix a period before the domain `.google.com`
SSL Bypass IPs	Web Filtering uses SSL inspection technology to enforce policy. In some cases, this technology will not be compatible with a website. Administrators can enter a list of IPs that will bypass this inspection to restore functionality. Enter an IP or CIDR notation one per line.