Phase 3 - Day 16 to Day 25 – Start taking control
Now that you have seen what is going on, it is time to start taking control and introduce some blocking or limiting policies. Here we explain what to do and consider a few common scenarios for applying policies.
- Make an official announcement to all your staff that Internet use is now being monitored and see how many of your problem users moderate their surfing habits over the next ten days.
- Block access to sites that should never be accessed on company computers. Categories to note would be anything in the Security category group, for example Adult / Porn or Gambling in general, and others in the Legal Liability category filter, as well as others that may be relevant to your work environment.
- To do this, you can simply switch on the pre-configured policies that are available out-of-the box. These policies can be accessed from Manage > Policies.
- If you want to try to create a new policy, you can do so by performing the steps in the following topic: How to create a new blocking policy.
NOTE
If you are serious about web security, you should also enforce blocking by web reputation. The Web Reputation Index is a score based on the safety of a website and enables you to block websites identified as “Unknown”, “Suspicious” or “Medium Risk”. Web reputation scores are valid across any category, since any type of website may contain malicious content. With Web Reputation you ensure that sites are blocked BEFORE they become a threat.
- If you are concerned with leisure browsing, limit access to Online shopping, Games, Social Network in General and other categories you identify as potential time wasters. Access to such sites can be limited to a certain amount per week (for example, 3 hours per week) using the Time element. For more information refer to How to create a time threshold policy.
- If you identified users who are “bandwidth hogs”, apply some bandwidth limits. For more information refer to How to create a bandwidth threshold policy.
- After applying some controlling policies, go to the Reports area and create management reports. Send these out to the relevant persons within the company.
Some useful reports you can try are:
REPORT NAME | Description |
---|---|
Bandwidth Usage Trends | Run this report to discover which domains, categories and users are hogging bandwidth. |
Activity Usage Trends |
Run this report to discover the top domains being accessed, and the categories that are most popular with users. |
Drug Related Access or Job Search Websites | For HR issues, run one of the pre-defined HR reports and send these to HR and managers. |
Security - All Security |
Find categories related to security, such as “Hacking”, “MalwareShort for malicious software.Unwanted software designed to infect a computer such as a virus or a trojan. Sites”, “Proxy Avoidance and Anonymizers”. |
NOTE
You can export reports in CSV format and send them to the appropriate managers by email, or show them these reports directly through the web interface (log using http://1.1.1.1 or http://127.0.0.1:1007 on the machine where GFI WebMonitor is installed or from another machine if you have configured UI Access ControlA feature that allows or denies users access to resources, for example, Internet access. for that machine). Remember that for http://1.1.1.1 or http://127.0.0.1:1007 to work the following conditions must be met:
- Access to the UI has been granted
- Internet browser has been configured to use GFI WebMonitor as the Proxy server.
- For http://127.0.0.1:1007 disable Bypass proxy server for local addresses from Internet options.
IMPORTANT
In http://127.0.0.1:1007, 1007 refers to the port on which the GFI WebMonitor Management ConsoleAn interface that provides administration tools that enable the monitoring and management of Internet traffic. listens by default. If this listening port is changed, the URLUniform Resource Locator. used to access the Management Console should reflect this, for example http://127.0.0.1:<port>
. This is different from the port on which the GFI Proxy listens for incoming connections.
- Once you have put in a few controls and limits, let GFI WebMonitor do its work again for a few days.
In the meantime, check out the following topics to learn more on how to work with policies: