Content Control
The Content Control module helps enforce company policies for allowed traffic, web access, data protection and applications control. Administrators can define traffic scan options and exclusions, schedule web access while blocking or allowing certain web categories or URLs, configure data protection rules and define permissions for the use of specific applications.
Components
Content Control uses the following components:
GravityZone Control Center
Security agent (Bitdefender Endpoint Security Tools installed on Windows & Mac endpoints)
Install and configure Content Control
There are three possible scenarios for installing this feature on your endpoints:
An endpoint does not have the BEST agent installed. In this case, use the Create an installation package procedure.
An endpoint has the BEST agent installed, but Content Control is not included in the modules list. In this case, use the Add Content Control using a Reconfigure agent task procedure.
An endpoint has the BEST agent installed, and the Content Control module is included. In this case, go directly to the Configure and enable the Content Control feature section.
Log in to GravityZone Control Center.
Go to the Installation Packages page from the left side menu.
Click the Create button in the upper-right side of the screen.
Type in the Name and Description for the new installation package.
Select the modules you want to include.
Note
Make sure you include the Network Protection > Content Control option.
Click Save.
Select the newly created package from the list of packages and click Send download links.
Enter the email addresses of the recipients and click Send.
Policies are used to enable and configure features both on endpoints and in terms of general functionality.
GravityZone comes with a default set of policy settings, that are custom tailored to meet the most common customer needs. These policies are applied, by default, to endpoints, after the BEST agent is installed. You cannot modify or delete the default GravityZone policy.
You can use these default policy settings and leave the configuration of the policy for a later date, or customize the feature using the steps below:
Log in to GravityZone Control Center.
Go to the Policies page from the left side menu.
You can either:
Under Network Protection > Content Control, enable and configure the module features.
Save your policy.
If you created a new policy, apply it on the endpoints where the feature is deployed.
Go to the Network page from the left side menu.
Select the endpoints you want to apply the policy to.
Click the
Assign Policy button at the upper side of the table.Select the policy you want to apply.
Click Finish.
Note
For more information, refer to Assigning device policies
If you have edited an existing policy, make sure it is applied to all endpoints where the feature is deployed.
This will ensure that the feature is enabled and configured to best suit your company's needs.
Test out the Content Control feature
Content control has three main components:
Web Access Control - This feature allows you to block access to specific types of websites on your devices either between certain hours or permanently.
Application Blacklisting - You can use this feature to completely block or restrict users' access to applications on all endpoints where the policy is assigned. You can block games, media and messaging software, as well as other categories of software and malware.
Data Protection - Data Protection allows you to set up filters for web pages and outgoing emails that search for specific sensitive information: names, card numbers, addresses, and more.
Log in to GravityZone Control Center.
In the Configuration Profiles page from the left side menu, go to Web Access Control Scheduler.
Click Add Schedule.
Add a suggestive Schedule Name.
If any other users should be able to edit the schedule set the toggle to the Allow other users to change this schedule position.
In the Category Scheduler field add a new category scheduler and set it up.
Add a name for your scheduler in the Scheduler name field.
In the Categories section choose the categories.
In the Action section choose the action you want taken.
Select the timeframe for the selected action from the Starting with and Between.
Note
Make sure the start time occurs before the end time.
Add the new schedulers to the schedule by using the Add new scheduler button.
Note
The scheduling sequence is essential since the first match rule will determine whether or not a web page is permitted. The rules will be executed sequentially. Access to web pages will be determined by the action specified in the first match.
Save the schedule.
