Do you recognize a good idea when you see one? We want to hear from you!
Header Image

I suggest you ...

Web Security: Exceptions for Content Filter Overriding

The "bypass blocking" is a very useful feature, but it could represent a lack of security because admin cannot choose which url category cannot be bypassed.

For example, I don't like that my users can bypass content filtering for Illegal Software, Anonymizers and Malicious sites, but I can accept that they can bypass "Incidental Nudity" (a category that in some cases may be incorrect).

21 votes
Vote
Sign in
Check!
(thinking…)
Reset
or sign in with
  • facebook
  • google
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    flaserraflaserra shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →
    Brian EggenbergerBrian Eggenberger shared a merged idea: Web Filter - Bypass Users - Specific Sites  ·   · 
    Rico SkaletzRico Skaletz shared a merged idea: Web Security: Exclude Some Categories from Override Feature  ·   · 

    3 comments

    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      Signed in as (Sign out)
      Submitting...
      • Anonymous commented  ·   ·  Flag as inappropriate

        In it's current implementation the bypass feature is quite pointless. Admins rarely need that feature and without any policies attached it's too dangerous to allow regular users to bypass.

        Also, the warn action doesn't solve the problem: We have lots of computers which run on somewhat anonymous accouns who are only allowed a few categories. When a user with greater priviledges needs to use those stations, he should be able to bypass (i.e. relogin with his own account without changing the logged on windows user). But of course we don't want him to access any category - only those he normally would have access to if logged on regularly.

        If that for some technical reason is hard to implement, at least add the option to specify a single filter policy that applies to all bypassed sessions!

      • Rich BaldryAdminRich Baldry (Product Owner, Web Protection, Sophos Features & Ideas Laboratory) commented  ·   ·  Flag as inappropriate

        In version 9.2 we added the 'Warn' option for policy. This allows users to proceed to certain categories after receiving a warning page. It's similar to the override feature, except that it doesn't require username and password.

        Does this solve your problem? WIth 'Warn', you can set up policy so that 'questionable' categories that are OK to override get a warning, and you can disable the 'override' feature altogether, so that the 'Block' policy for completely unacceptable categories is always enforced...

      • AlexAlex commented  ·   ·  Flag as inappropriate

        i have been trying to load youtube to play an educational video but since youtube is blocked by your filter, i cannot show my fellow hpac members this video. I am a tenth grader running for president of my group and this affects my election.

      Feedback and Knowledge Base