Security Controls

Rule Set Browser Control

Add URL Redirection to a Rule Set

  1. In the Application Control Configuration Editor, select the Browser Control node for the rule set to which you want to add URL redirection.
  2. In the work area right-click and select Add URL.

    The Add URL to Redirect dialog displays.

  3. Enter a URL - you can use both IP address and text URLs.

    Tip: If you use a text URL and the server also acts on IP addresses, add both the text URL and the IP address for that server.

  4. Select the action for the URL - Redirect or Allow.
  5. If you have selected Redirect, choose the required response when a user attempts to access the prohibited URL:
    • Display the default warning page when a URL is redirected - the user is directed to the default "Access is denied" page.
    • Display a custom page when a URL is redirected -specify an alternative location instead of displaying the default warning page. For example, this could be a location within your organizations network, a file on a disk, your intranet or another website.
  6. Enter an optional description for your future reference.
  7. Click Add.

The redirect is added to the URL Redirection tab of the Browser Control work area. When the configuration is deployed and users attempt to access the specified webpage, the redirected page displays in the same browser instance. If an URL allow has been configured, the website opens as expected.

Control URL access within a domain

URL Redirection can also be used to control access within a single domain - access to a domain can be prohibited whilst access to certain of its sub-domains is permitted. For example, you could deny access to www.company.com whilst allowing access to www.company.com/resources.

Configure a whitelist with URL Redirection

You can use URL Redirection to implement a whitelist approach to controlling internet access for your organization. By creating a redirection that prohibits access to all internet sites, you can add items to allow access to the web sites you want to be available for your staff.

  1. Create a URL redirect item for either http* or *. This prevents users accessing everything on the internet.

  2. Create redirects to allow access to the required URLs.

When the configuration is deployed to your users, they will not be able to access any website other than those configured in URL Redirection items with allow actions.

Whitelisting and Inline Frames

If you are using a whitelist approach and allow access to a site that uses Inline Frames (iFrames), you must set up URL redirection items to allow the URLs for each inline frame. If the URL for an inline frame is redirected, the main website URL is also redirected, even though it has been configured to be allowed.

For example, you have redirected all websites using http* and you have created a URL allow so your users can access http://www.website.com. That website uses an inline frame to display http://www.frame.com, which has not been allowed. Users will not be able to open http://www.website.com because access to http://www.frame.com is denied due to the http* redirection.

Related Topics

About Browser Control

Rule Set Executable Control

Rule Set Privileges Management

 


Was this article useful?