- CLOUD SOLUTIONS
- Getting started
- Feature specific deployment guides
- Content Control
Content Control
The Content Control module helps enforce company policies for allowed traffic, web access, data protection and applications control. Administrators can define traffic scan options and exclusions, schedule web access while blocking or allowing certain web categories or URLs, configure data protection rules and define permissions for the use of specific applications.
Components
Content Control uses the following components:
GravityZone Control Center
Security agent (Bitdefender Endpoint Security Tools installed on Windows & Mac endpoints)
Install and configure Content Control
There are three possible scenarios for installing this feature on your endpoints:
An endpoint does not have the BEST agent installed. In this case, use the Create an installation package procedure.
An endpoint has the BEST agent installed, but Content Control is not included in the modules list. In this case, use the Add Content Control using a Reconfigure agent task procedure.
An endpoint has the BEST agent installed, and the Content Control module is included. In this case, go directly to the Configure and enable the Content Control feature section.
Log in to GravityZone Control Center.
Go to the Network page from the left side menu and select the endpoints you wish to deploy the module on.
Click the Tasks button and select Reconfigure agent.
Under Modules select Add and enable the Network Protection module. Make sure you enable the Content Control option.
Note
For more information on using the Reconfigure client task refer to Reconfigure agent.
Click Save.
The task will now deploy the Content Control module on all selected endpoints.
Log in to GravityZone Control Center.
Go to the Installation Packages page from the left side menu.
Click the Create button in the upper-right side of the screen.
Type in the Name and Description for the new installation package.
Select the modules you want to include.
Note
Make sure you include the Network Protection > Content Control option.
Click Save.
Select the newly created package from the list of packages and click Send download links.
Enter the email addresses of the recipients and click Send.
Policies are used to enable and configure features both on endpoints and in terms of general functionality.
GravityZone comes with a default set of policy settings, that are custom tailored to meet the most common customer needs. These policies are applied, by default, to endpoints, after the BEST agent is installed. You cannot modify or delete the default GravityZone policy.
You can use these default policy settings and leave the configuration of the policy for a later date, or customize the feature using the steps below:
Log in to GravityZone Control Center.
Go to the Policies page from the left side menu.
You can either:
Under Network Protection > Content Control, enable and configure the module features.
Save your policy.
If you created a new policy, apply it on the endpoints where the feature is deployed.
Go to the Network page from the left side menu.
Select the endpoints you want to apply the policy to.
Click the Assign Policy button at the upper side of the table.
Select the policy you want to apply.
Click Finish.
Note
For more information, refer to Assigning device policies
If you have edited an existing policy, make sure it is applied to all endpoints where the feature is deployed.
This will ensure that the feature is enabled and configured to best suit your company's needs.
Test out the Content Control feature
Content control has three main components:
Web Access Control - This feature allows you to block access to specific types of websites on your devices either between certain hours or permanently.
Application Blacklisting - You can use this feature to completely block or restrict users' access to applications on all endpoints where the policy is assigned. You can block games, media and messaging software, as well as other categories of software and malware.
Data Protection - Data Protection allows you to set up filters for web pages and outgoing emails that search for specific sensitive information: names, card numbers, addresses, and more.
Log in to GravityZone Control Center.
In the Configuration Profiles page from the left side menu, go to Web Access Control Scheduler.
Click Add Schedule.
Add a suggestive Schedule Name.
If any other users should be able to edit the schedule set the toggle to the Allow other users to change this schedule position.
In the Category Scheduler field add a new category scheduler and set it up.
Add a name for your scheduler in the Scheduler name field.
In the Categories section choose the categories.
In the Action section choose the action you want taken.
Select the timeframe for the selected action from the Starting with and Between.
Note
Make sure the start time occurs before the end time.
Add the new schedulers to the schedule by using the Add new scheduler button.
Note
The scheduling sequence is essential since the first match rule will determine whether or not a web page is permitted. The rules will be executed sequentially. Access to web pages will be determined by the action specified in the first match.
Save the schedule.
An IT administrator responsible for managing web access for users in an organization wants to create a schedule using the Web Access Control feature to restrict access to social media websites in the 09:00 -18:00 time interval.
The following steps need to be performed to set up the scheduler:
In Configuration profiles page from the left side menu, go to Web Access Control Scheduler and click on Add Schedule.
Name the Scheduler, add the new Category Scheduler and set it up, by selecting the category that needs to be blocked (e.g. Social Media). Apply the changes and choose the action you want to take (e.g. Block) in the Action section.
Choose the timeframe for the selected action from the Starting with and Between fields (e.g. 09:00 -18:00) and click the Add new scheduler and Save buttons.
To assign a schedule to a policy follow the steps bellow:
Go to the Policies page from the left side menu.
Click Add to create a new policy, or open an existing one to edit it.
Go to Network Protection > Content Control section.
Use the switch to turn Web Access Control on.
From the Assign schedule drop-down select the schedule you want to apply.
Click Save.
Go to the policy you want to use to test the feature on.
Go to Network Protection > Content Control.
Make sure Application Blacklisting is enabled, and click Add.
Under Application paste the following file name
msedge.exe
(this is the executable file name for Microsoft Edge).Click Save.
Wait a few minutes until the policy changes are synchronized.
From one of the endpoints try and run Microsoft Edge.
You will not be able to launch the application.
Go to the policy you want to use to test the feature on.
Go to Network Protection > Content Control.
Make sure Data Protection is enabled, and click Add.
Under Website or email address type in an email address (for example
[email protected]
)Under Type, select Email.
Click Save.
Wait a few minutes until the policy changes are synchronized.
From one of the endpoints try and send an email containing the email address you added under the Data Protection rule in the body of the email.
The email will be blocked and will not reach its intended destination.
Go to the policy you want to use to test the feature on.
Go to Network Protection > Content Control.
Make sure Data Protection Exclusions is enabled, and click Add.
Under Website or email address type in an email address that you want to mark as secure.
Under Type, select Email.
Click Save.
Wait a few minutes until the policy changes are synchronized.
From one of the endpoints try and send an email containing the email address you added under the Data Protection rule (see previous use case) in the body of the email to the email adress you added as an exclusion.
The email will not be blocked and will not reach its intended destination.
You can also get information regarding the activity of the feature from the Blocked Websites, Blocked Applications, and Data Protection reports.
Note
For more information refer to Report types.
Go to the Threats Xplorer page from the left side menu to check for any threats that have been detected on your network. The feature centralizes detection events from multiple GravityZone technologies and classifies them by category, threat type, remediation actions, and many others.
For more information, refer to Threats Xplorer.
Portlets provide you with security event information from your environment. You can customize the portlets and create your own, specifying the protection mechanism you would like the monitor and the time interval you would like to see in the data.
For information on how to create and manage portlets, refer to Dashboard.
Note
There is a portlet available for each report type provided by the console.