Go to the table of contents Go to the previous page Go to the next page View or print as PDF
Defining Web Policies > General tab
General tab
Related topics:
Use the General tab to configure settings that cover basic aspects of your users' web browsing, for example availability at certain times of the day, quota time limits, and agreement to your acceptable use policy.
This is also the tab that you see, with some additional options, when you create a new policy. For more information, see Creating a new policy.
If you make any changes to this tab, click Save when done.
Policy name
The name of the policy, which you may want to rename from Default to something more meaningful to your organization, especially if you have a requirement for multiple policies.
Administrator email
This is the email address for the web administrator of this policy. This email address is used as the address from which system messages are sent. Your users may occasionally reply to these messages, so this should be an email address that is monitored by your IT staff or administrative contact.
Default and alternate PAC file address
The default PAC file address is the policy-specific PAC file for this policy. The alternative PAC file address can be used for remote user requests from a network that has port 8081, 8082 or 8087 locked down.
See Policy-specific PAC file for further details.
Time zone
To use time-based web filtering, the cloud service must first determine the time zone where users are located. The time zone you set can be used as a single zone for the whole policy, or you can set up time zones for one or more of your proxied connections that override the time zone on the General tab (see Proxied connections).
Daylight saving time is supported where valid on all time zones except GMT and UTC, which are static.
Internet availability
Use this option to configure time-based policy enforcement. The default setting is to allow Internet access at all times, although you can apply user and group-based exceptions (see User and group exceptions for time-based access control).
Alternatively, you can restrict all access by time and display an appropriate block page when access is unavailable. There are 2 formats for this:
The drop-down list contains the standard time periods and any custom periods you have set up (see Time periods).
Full traffic logging
As an alternative, consider migrating to SIEM Integration. Take advantage of Bring your own storage or switch between Forcepoint storage and your own. See Configuring SIEM storage.
When you enable full traffic logging for your account, all web policies inherit the default setting that you configure. If you want to override the default log retention for a particular policy, change the selection in the Full traffic logging drop-down list from Use account default to either Enabled or Disabled.
For full details of setting up and using full traffic logging, see the "Configuring Full Traffic Logging" technical paper.
Confirm timeout
Enter the maximum time in minutes (default 10) that a user who clicks Continue can access sites in categories governed by the Confirm action. See Policy enforcement actions.
Quota time
Use this option to configure quota times for web categories accessed by users in this policy. See Using quota time to limit Internet access for more information. Select one of the following:
A Daily quota applies to all users accessing categories with Quota as the filtering action or exception. Enter the daily limit in minutes (default 60) for all users of this policy. Then define the session length in minutes (default 10) during which users can visit sites in quota-limited categories.
A Per-category quota allows you to specify a daily limit per category and a session length per category that applies to all quota-limited categories by default. You can then change the daily quota time settings for particular categories or filtering exceptions on the Web Categories tab. See Managing categories, actions, and SSL decryption.
A session begins when the user clicks the Use Quota Time button.
The daily quota allocation for users within a policy is refreshed at midnight in the time zone defined for the user's proxied connection. If no specific time zones are defined in either the proxied connection or the policy, the quota allocation is refreshed at midnight UTC.
If you change the total quota time or session time after a user has started to use their daily quota or has received the quota block page from the cloud-based service, the changes will not take effect until the next day. Similarly, if you move a user to a different policy after they have started to use their daily quota or has received the quota block page from the cloud-based service, the change does not take effect until the next day.
Search filtering
Search filtering is a feature offered by some search engines that helps to limit the number of inappropriate search results displayed to users.
To activate this option, select Enable search filtering.
Ordinarily, Internet search engine results may include thumbnail images associated with sites matching the search criteria. If those thumbnails are associated with blocked sites, the cloud service prevents users from accessing the full site, but does not prevent the search engine from displaying the image.
When you enable search filtering, the cloud service activates a search engine feature that stops thumbnail images associated with blocked sites from being displayed in search results. Enabling search filtering affects both local and roaming users.
Acceptable use policy
This feature does not apply to I Series appliances.
You can display a notice to users informing them of your organization's acceptable use policy for Internet use and asking them to agree to accept its terms before they can continue browsing.
To display the notice, mark Require users to agree with acceptable use policy every.... In the drop-down menus, select the AUP page and how frequently you would like to display the notice. The choices are 1, 7, and 30 days.
You can tailor the default acceptable use policy notification to meet your needs, or add different AUP pages for different polices. See Configure block and notification pages.
To apply exceptions to the acceptable use policy for certain domains:
Click Domain Exceptions. This button appears only when you have selected the Require users to agree with acceptable use policy box.
Click Add. The domains you have specified are listed below the Add field. To delete a domain, select it from the list and click Delete.
Click Save when you are done.

Go to the table of contents Go to the previous page Go to the next page View or print as PDF
Defining Web Policies > General tab
Copyright 2024 Forcepoint. All rights reserved.