McAfee MSA09EMB1RAA Product Guide - Page 13

Setting up a Browsing Security Strategy

SiteAdvisor Enterprise Plus includes a default policy with settings recommended by McAfee to

protect managed systems from most web-based threats. This section provides an overview of

features that assist you in customizing policy settings that are specific to your business needs.

The following topics provide details about using these features.

Contents

Guidelines for creating a strategy

Select the right policy options and features

Information that SiteAdvisor Enterprise Plus sends

Guidelines for creating a strategy

Follow these guidelines to design and implement a browsing security strategy that fully protects

your managed systems against web-based threats.

1

Install SiteAdvisor Enterprise Plus, enable Observe mode, and deploy the client

software.

Before deploying the client software, enable Observe mode (Action Enforcement tab on

the General policy page). This prevents SiteAdvisor Enterprise Plus from taking actions

(such as blocking and warning) configured as part of the default policy, but tracks browsing

behavior data that you can retrieve in reports.

See

Evaluate policy settings with Observe mode

under

Configuring Policies

.

2

Evaluate browsing traffic and usage patterns (Reports).

Run queries and review the results to learn about network browsing patterns. For example,

what types of sites are users visiting and what tasks are they performing at these sites?

What time of day is browsing traffic heaviest?

See

Using Dashboards, Monitors, and Reports

.

3

Create policies.

Configure policy options based on the browsing behavior revealed in the query results.

Prohibit, block, or warn about sites or downloads that present threats, and authorize sites

that are important to your users.

See the

Configuring Policies

chapter for more information.

4

Test and evaluate policy settings (Observe mode).

Enable Observe mode to track the number of users who access sites that would be affected

by the policy settings you have configured. Run queries, then view and evaluate the tracked

data. Are the settings comprehensive enough? Do they have any unintended consequences

you need to resolve? Adjust the policy settings as needed, then disable Observe mode to

activate them.

13

McAfee SiteAdvisor Enterprise Plus 3.0 Product Guide

Section	Page
Contents	3
Introducing SiteAdvisor Enterprise Plus	5
Benefits of using SiteAdvisor Enterprise Plus	5
How safety ratings are compiled	6
Safety icons and balloons protect during searches	6
Using site safety balloons	7
SiteAdvisor menu protects while browsing	7
Using the SiteAdvisor menu	8
Safety reports provide details	9
Viewing safety reports	10
Administrators customize policy settings	11
Setting up a Browsing Security Strategy	13
Guidelines for creating a strategy	13
Select the right policy options and features	14
Information that SiteAdvisor Enterprise Plus sends	15
Configuring Policies	16
How policies work	16
Types of policy categories	17
Default policy settings	17
Creating and editing policies	19
Apply general options	19
Configuring proxy settings	20
Enabling observe mode	21
Setting the control panel option	21
Block and warn sites by ratings and threat factors	22
Configuring access based on ratings	22
Blocking or warning site access based on ratings	23
Blocking or warning site access based on threat factors	23
Blocking or warning file downloads based on ratings	23
Blocking phishing pages	24
Use Authorize and Prohibit lists for sites	24
How site patterns work	25
How multiple-instance policies work	26
Working with Authorize lists	27
Adding a site to an Authorize list	27
Adding multiple sites to an Authorize list	27
Deleting sites from an Authorize list	28
Editing information in an Authorize list	28
Searching an Authorize list	29
Testing an Authorize list	29
Blocking exploits on authorized sites	30
Blocking or warning file downloads on authorized sites	30
Blocking phishing pages on authorized sites	31
Turning off tracking for visits to authorized sites	31
Setting list precedence	32
Working with Prohibit lists	32
Adding a site to a Prohibit list	32
Adding multiple sites to a Prohibit list	33
Deleting sites from a Prohibit list	33
Editing information in a Prohibit list	34
Searching a Prohibit list	34
Testing a Prohibit list	34
Customize messages for users	35
Creating customized messaging	35
Creating a message for rated sites	35
Creating a message for phishing pages	36
Creating a message for downloads	37
Creating a message for sites on Authorize or Prohibit lists	37
Adding a logo in a message	38
Disable and reenable the software	38
Disabling and re-enabling from the ePO server	38
Disabling and reenabling from the browser	39
Track events for reports	39
Tracking visits to domains and downloads	40
Tracking domain page views and downloads	41
Tracking green site content categories	41
Using Dashboards, Monitors, and Reports	43
Use queries to create reports	43
Creating reports	44
Running a purge task	45
Use dashboards and monitors	45
Creating monitors	46
Reference	47
Frequently Asked Questions	47
Where to find more information	50
Web Filtering for Endpoint and Web Reporter Appendix	51
How web content filtering works	51
Policy additions with web content filtering	51
Report and dashboard additions with web content filtering	52
How Web Reporter works	52
Sending Web Reporter logs	53
Applying the Content Actions policy	53
Working with the Web Reporter	54

McAfee MSA09EMB1RAA Product Guide - Page 13

Setting up a Browsing Security Strategy, Guidelines for creating a strategy

Page 13 highlights