Symantec 360R Administration Guide - Page 111
About content filtering, Special considerations
UPC - 037648240185
View all Symantec 360R manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 111 highlights
Advanced network traffic control 111 About content filtering If this message is present, then your AVpe feature is correctly configured and operational. 5 If you are able to connect to www.symantec.com, recheck your AVpe configuration settings and group assignments. Make sure that you uninstalled Symantec AntiVirus Corporate Edition from the client workstation, and that the client is a member of group with AVpe enabled, with connections blocked. Retry steps 1 through 4 above. About content filtering Symantec Gateway Security 300 Series supports basic content filtering for outbound traffic. You use content filtering to restrict the content to which clients have access. For example, to restrict your users from seeing gambling sites, you configure content filtering to deny access to gambling URLs that you specify. Content filtering is administered through computer groups and VPN groups. A computer group is a group of computers defined in the Firewall section to which you apply the same rules. Similarly, a VPN group is a group of VPN users defined in the VPN section to which you apply the same rules. When you define a computer group, you specify if the group uses a content filtering deny or allow list. Deny lists (black lists) block internal access to sites on the list and allows all others sites. Allow lists (white lists) permit internal access to sites on the list, and blocks access to all other sites. Note: By default, content filtering is disabled for all computer groups. The allow list permits traffic to pass to sites that exactly match entries in the list. The content filtering engine drops connection requests sent to a destination that do not match the entries in the list. If the allow list is empty, all traffic is blocked. If the deny list is empty, traffic is not filtered. Once entries are added to the deny list, the content filtering engine drops connection requests sent to a destination that exactly matches an entry. Traffic that does not match an entry is allowed to pass. Special considerations When content filtering and AVpe are concurrently enabled, content filtering is performed first. If the content filtering results in a blocked connection, AVpe is not processed; only a content filtering message is logged.