Internet Access policy controls user’s web access. It helps to manage web access specific to the organization’s need. It specifies which user has access to which sites or applications and allows defining policy based on almost limitless parameters like:
1. Individual users 2. Groups of users 3. Time of day
4. Location/Port/Protocol type 5. Content type
6. Bandwidth usage (for audio, video and streaming content)
When defining a policy, you can deny or allow access to an entire application category, or to individual file extensions within a category. For example, you can define a policy that blocks access to all audio files with .mp3 extensions.
Two basic types of Internet Access policy:
1. Default Allow 2. Default Disallow Default Allow
By default, allows user to view everything except the sites and files specified in the web categories E.g. To allow access to all sites except Mail sites
Default Disallow
By default, prevents user from viewing everything except the sites and files specified in the web categories
E.g. To disallow access to all sites except certain sites
Create a new Internet Access policy
Select Policies Æ Internet Access Policy Æ Create Policy to open the create policy page
Screen - Create Internet Access policy
Screen Elements Description Internet Access policy details
Name Specify policy name. Choose a name that best describes the policy to be created
Using Template Select a template if you want to create a new policy based on an existing policy and want to inherit all the categories restrictions from the existing policy
Select ‘Blank’ template, if you want to create a fresh policy without any restrictions. After creation you can always customize the category restrictions according to the requirement.
Policy Type
Only for ‘Blank’
option in Using Template field
Select default policy type Available options
Allow – Allows access to all the Internet sites except the sites and files specified in the Categories
Deny – Allows access to only those sites and files that are specified in the Categories
Description Specify full description of policy
Reporting By default, Internet usage report is generated for all the users. But Cyberoam allows to bypass reporting of certain users.
Click ‘Off’ to create Bypass reporting Internet access policy. Internet usage reports will not include access details of all the users to whom this policy will be applied.
Click ‘On’ to create policy which will include access details of all the users in Internet usage reports to whom this policy is applied.
Create button Creates policy and allows to add Category restriction Refer to Add Category for more details
Internet Access policy Rules
Add button Allows to define Internet Access policy rules and assign Web, File Type and Application Protocol Categories to Internet Access policy Click to add
Refer to Add Internet Access policy rule for more details Save button Saves policy
Show Policy Members button
Opens a new page and displays list of policy members
Cancel button Cancels the current operation and return to Manage Internet Access policy page
Table - Create Internet Access policy screen elements
Note
Policies with the same name cannot be created
Add Internet Access policy rule
Screen – Add Internet Access policy rule
Screen Elements Description Rule details
Select Category Displays list of custom Web, File Type and Application Protocol Categories
Displays list of Categories assigned to policy In Category Name column,
W represents Web Category F represents File Type Category
A represents Application Protocol Category
D represents Default Category
C represents Customized i.e. User defined Category
Select Categories to be assigned to policy.
In Web Category list, click to select In File Type list, click to select
In Application Protocol list, click to select
Use Ctrl/Shift and click to select multiple Categories
If ‘Web and Application Filter’ subscription module is registered, all the default categories will also be listed and can be for restriction.
Strategy Allows/Disallows access to the selected Categories during the period defined in the schedule
Click Strategy box to see options and select
During Schedule Allows/Disallows access to the selected Categories according to the strategy defined during the period defined in the schedule
Allow/Disallow will depend on the strategy selected Click Schedule box to see options and select
View details link Opens a new window and displays details of the selected schedule Click to view
Click Close to close the window Add button Add rule to Internet Access policy
Click to add rule
Cancel button Cancels the current operation
Table – Add Internet Access policy rule screen elements
Update Internet Access policy
Select Policy Æ Internet Access policy Æ Manage Policy and click policy name to be modified
Screen - Update Internet Access policy
Screen Elements Description Internet Access policy details
Name Displays policy name
Cannot be modified Policy Type Displays policy type Cannot be modified
Description Displays policy description, modify if required
Reporting By default, Internet usage report is generated for all the users. But Cyberoam allows to bypass reporting of certain users.
Click ‘Off’ to create Bypass reporting Internet access policy.
Internet usage reports will not include access details of all the users to whom this policy will be applied.
Click ‘On’ to create policy which will include access details of all the users in Internet usage reports to whom this policy is applied.
Internet Access policy Rules
Table - Update Internet Access policy screen elements Delete Internet Access policy rule
Screen - Delete Internet Access policy rule Displays list of Categories assigned to policy In Category Name column,
W represents Web Category F represents File Type Category
A represents Application Protocol Category
D represents Default Category
C represents Customized i.e. User defined Category Add button Allows to define a new rule
Click to add
Refer to Add Internet Access policy rule for more details Delete button Allows to delete the selected rule(s)
Refer to Delete Internet Access policy rule for more details MoveUp button
Only when more than one rule is defined
Moves the selected rule one step up
Click rule that is to be moved one-step up. This will highlight selected rule.
Click MoveUp to move the selected rule one step upwards MoveDown button
Only when more than one rule is defined
Moves the selected rule one step down
Click rule, which is to be moved one-step down. This will highlight selected rule.
Click Move Down to move the selected rule one step downwards Update button
Only when more than one rule is defined
Saves the modified sequence of the rules
Save button Saves the modifications Show Policy members
button
Opens a new page and displays list of policy members
Cancel button Cancels the current operation and returns to Manage Internet Access policy page
Screen Elements Description
Del Select rule to be deleted Click Del to select
More than one rule can also be selected Select All Selects all rules for deletion
Click Select All to select all rules for deletion Delete button Delete(s) selected rules
Table - Delete Internet Access policy rule screen elements
Note
Do not forget to update after changing the order
Delete Internet Access policy Prerequisite
• Not assigned to any User or Group
Select Policies Æ Internet Access policy Æ Manage Policy
Screen - Delete Internet Access policy
Screen Elements Description
Del Select policy for deletion Click Del to select
More than one policy can also be selected Select All Selects all policies for deletion
Click Select All to select all policies for deletion Delete button Delete(s) selected policies
Table - Delete Internet Access policy screen elements