CAUTION: DWP settings entered in the DWP Configuration subtab are deployed to all computers with the DWP client installation. If DWP was pre-configured in those computers, those settings are
overwritten because portal-based settings take precedence.
To specify DWP configuration settings:
1. Select the Accounts tab and click Edit.
2. Select the DWP Configuration subtab.
The DWP Configuration subtab opens.
-61
-WSS 4.4.0-2
3. Enter DWP configuration settings, as described in the following table.
DWP Configuration
General Settings Prevent user access to browser proxy settings
Controls users’ ability to change browser proxy settings:
l Not Configured: Enabled by default. Prevents DWP from conflicting with Group Policy Object (GPO) trying to modify the same settings, by locking user access to browser proxy settings. When this option is enabled, GPO settings take precedence because DWP is not
modifying settings.
l Enabled: DWP modifies settings to prevent users from modifying their proxy settings in the browser.
Note: If this option is enabled, you must set it to Disabled 15 minutes before you uninstall the DWP.
l Disabled: DWP modifies settings, so that users can modify their proxy settings in the browser.
Note: If a GPO in the customer’s environment is locking the proxy settings, DWP does not override it. It’s not possible to predict whether GPO or DWP will prevail in this situation. We recommend that you disable any GPO actions that are locking proxy settings in the customer’s environment while using this feature. If you want the GPO settings to prevail, leave this setting as Not Configured.
In Firefox, the Settings button is hidden if the browser control setting is applied using DWP.
Hide Icon in Tray Hides the DWP icon on the end-user’s system tray, preventing the user from accessing DWP functions.
For more information, see the Desktop Web Proxy Configuration Guide, which is available on the Management Portal at Resources > Documents.
List of Caching Proxies Proxy names and port numbers of caching proxies at your gateway locations.
Allows mobile users to connect transparently to either caching proxies or directly to the Web Security Service.
For a single caching proxy, separate the name and port with a colon:
ProxyName:port
For multiple caching proxies, separate proxies with a semicolon and end the string with a semicolon:
ProxyName1:port1;ProxyName2:port2;
Enable Automatic Configuration Script
Enable use of a Proxy Auto Configuration (PAC) script to tell browsers where to route users’ page requests. If enabled, it works with the PAC File
DWP Configuration
PAC File Location The URL or local network path to the configuration script. DWP copies the script to the local machine, then applies the settings to the browser. DWP clients must be restarted after PAC configuration options are set.
Note: Firefox is unable to parse PAC files correctly if the local path or the DWP username contains the # special character (for example, user#1). In this case, traffic is not filtered. See"Using a PAC file" on page 58.
Monitor Port 80 and 443 usage
Uploads process data to the Monitors | Port Monitor tab, to help the Admin identify rogue applications that are using default ports 80 and 443.
Allow Unsafe Browsing
Editable if Enable Dynamic Hot Spot Management is selected. Allows users to bypass the Web Security Service to browse the Internet in hotspot
environments where access might be blocked or re-routed. If not set, DWP opens an error page and prevents users from browsing the Internet in hotspots.
To Bypass the Web Security Service:
Browser Bypass Enter the sites stored in the browser’s exception list.
DWP Bypass Enter the URLs to be accessed directly by DWP without going through the Web Security Service.
Configured by Default as Active:
Proxy Address Required. The address of the Web Security Service data center. This proxy address should be changed only at the service provider’s direction.
Proxy Port Required. Do not change this setting. Only ports 80, 3128, or 8080 can be used.
Apply portal settings to the DWP clients
Enabled by default when the service provider created the account, so that you can enter and deploy DWP settings that are consistent throughout the account.
Caution: If you keep this option selected, any DWP settings previously entered at each client computer are overwritten after you click Save.
If you clear this checkbox, all options become read-only and the settings are not functional. If you are in Edit mode, selecting this checkbox makes other options editable.
Activate DWP on Install
Selected by default. DWP client installations are not activated by default, so settings are not yet applied. After you save this setting, DWP client
installations are automatically activated and the settings are immediately applied to the users’ browsers.
-63
-WSS 4.4.0-2
DWP Configuration Enable Dynamic Hot Spot Management
Automatically handles hotspot billing systems. DWP enters direct mode if it detects that a user’s browser is blocked by a hotspot. The user is connected to the Web Security Service when billing or sign-up is complete. If you enable hot-spot detection, DWP tries to access ports 3128, 8080, 80, and 443 in succession, and uses the first port that is accessible.
Use the IE Browser setting “Bypass proxy server for local addresses”
Selects the option in Internet Explorer that sends all traffic to non-routable IP addresses.
Enable Automatic User Name Resolution:
Synchronizes the Web Security Service and client user name and password for users in the corporate network. If a Web Security Service user name and password are not configured in DWP, DWP requests the service to generate the credentials and DWP stores them locally. With this option enabled, passwords are updated automatically if they change in the service.
Note: This option only works if the request from DWP is from within your corporate network via the configured IP addresses on the Web Security Service. If the initial connection to DWP is not within the network, credentials are not created.
To use this option, your corporate firewall must allow requests on port 80 and 443 directly to the Web Security Service. See your Provisioning Notification Document for information about allowed ports.
4. If you want to bypass filtering for certain sites, go to the next section. Otherwise, click Save.
Account-level settings are propagated to future user-based groups (but not existing user groups). The DWP Configuration subtab is also available on the Groups tab.