To work with rules in the WebMarshal Console, ensure that the menu item Access Policy is expanded.
6.5.1 Creating a Rule or Rule Container
WebMarshal Rules and Rule Containers have many elements in common. The procedure below illustrates the creation of an example rule. The available options are covered in the following sections.
1. In the left pane of the Console, expand Access Policy. Select a rule type.
Note: Some Content Analysis rules require WebMarshal to fully scan the response files before returning them to the user. If you configure complex rules and scripts, the user may experience a delay during scanning. To minimize the delay, in most cases a TextCensor rule that blocks a request should also add the URL to a category. WebMarshal can then block future requests for the URL quickly, using a Standard rule
• To reduce the delay due to processing, in some cases WebMarshal begins to return a file to the user. A small part of the file is held back from the user until WebMarshal has completely received and processed the file. If the page triggers the rule, the download is aborted. For information about configuring this feature, see “Configuring Download Options” on page 141.
Understanding Web Access Policy, Rule Containers, and Rules
Copyright © 2014 Trustwave Holdings, Inc. All rights reserved. 66
2. If you want to create the rule within a container, double-click the container in the right pane to open it.
3. Click the New Rule icon in the taskpad.
4. Click Next to continue to the User Matching Conditions page.
5. On the User Matching Conditions page, check the boxes in the top pane to select the conditions you want to include in the rule. The items you select items display in the rule description pane, at the bottom of the page.
6. If you can specify details for a condition, each item that requires details includes a hyperlink. The hyperlink text is red if you must enter a value, or blue if a value is already specified. Click any hyperlink to enter or change the detail information. For more information about the specific expressions, see
“User Matching Conditions” on page 69.
7. For instance, if you select where the user is a member of User Group, the text UserGroup in the rule description is a red link. Click this link to display the Select User Groups window.
In this window, you can select an existing user group. You can also create or import a new group. If you create or import a group, it is selected for use when you return to the Select User Groups window.
8. Click Next to continue to the Rule Conditions page.
9. Select conditions and enter details on this page in the same way as for 5.. See “Rule Conditions” on page 71 for details on options for the specific conditions.
10. When you have entered all the details on the Rule Conditions page, click Next to continue to the Rule Actions page.
11. Select actions and enter details on this page in the same way as for 5.. The actions that you can select vary depending on the type of rule. See “Rule Actions” on page 87 for details on options for the specific actions.
Note: If your WebMarshal installation uses more than one type of authentication, remember to include all authentication types in Rules. For instance, if WebMarshal uses both Windows and IP authentication, User Matching should include both user names and workstation names as appropriate.
Understanding Web Access Policy, Rule Containers, and Rules
Copyright © 2014 Trustwave Holdings, Inc. All rights reserved. 68
12. When you have entered all details on the Rule Actions page, click Next to continue to the Rule Completion page.
13. Enter a name for the rule.
14. Optionally enter a comment or description for the rule.
15. Choose whether to enable the rule immediately (default) or not, using the Turn on this rule checkbox.
16. Click Finish to return to the WebMarshal Console.
6.5.2 Editing Rules
The following procedure applies to all types of WebMarshal Rules and Rule Containers.
To edit a rule or rule container:
1. In the left pane of the console, expand Access Policy.
2. Select the Rule type or Rule Container that includes the item you want to edit.
3. Double-click the rule or rule condition in the right pane. The rule is presented in the Rule Wizard–Rule Completion page.
4. Click any hyperlinked item to change it. If you want to make more basic changes to the actions or conditions, click Back to view the User Matching, Conditions, or Actions pages.
5. When satisfied, click OK.
Note: The order of evaluation of rules is important. WebMarshal bases its action on the first rule triggered. You can adjust the order of evaluation. See “Understanding the Order of Evaluation” on page 93.
Changes only take effect when you commit configuration. To commit configuration, click the Commit Configuration icon on the tool bar. When changes have been made but not reloaded, the icon is red and the item WebMarshal at the top of the left pane is followed by *. A notice also displays in the status bar.
6.5.3 Enabling and Disabling Rules
You can enable or disable individual rules or rule containers. Disabled rules (or rules in disabled containers) are not used to evaluate web requests. Disabled rules and containers display with a rule-disabled icon (dimmed, with a red
, as shown below).Figure 20: WebMarshal Console, Rules window
1. Expand Access Policy, and select a rule type in the left pane.
2. Double-click a particular rule or rule container in the right pane.
3. On the Rule Wizard page, check or uncheck Turn on this rule.
4. Click OK.
You can also enable, disable, or delete Rules and rule containers using a right-click context menu. You can select multiple rules for these actions by using shift-click and control-click.