Web access control

Limit access to specific web content categories and URLs on Windows and macOS computers to optimize network bandwidth usage and employee productivity,

Panda Adaptive Defense 360 uses 160 content categories to group different websites. Select the categories you want to deny computers access to.

The web access control feature supports:

  • The HTTP and HTTPS protocols

  • The HTTP/3 (QUIC) protocol

  • Content Delivery Networks (CDN). These networks speed up content delivery but hide the true intended destination of the connection.

To configure web access control:

  • Select Web access control to expand the panel.

  • Enable the Enable Web access control toggle.

  • To enable Web access control at all times, select Always enabled.

  • To specify when you want to enable web access control, see Configuring time periods for web access control.

  • To configure the categories you want to deny computers access to:

    • In Deny access to pages belonging to the following categories, select the checkboxes for the categories you want to block.

    • Click Clear to remove all selections.

    • To select all squares, click Select all.

    • To Deny access to pages characterized as unknown, enable the toggle.

    • Internal and intranet sites accessible on ports 80 and 8080 could be categorized as unknown. To avoid this, add exclusions for internal pages you want to allow. See List of allowed/denied addresses and domains.

  • To configure lists of allowed and denied domains, see List of allowed/denied addresses and domains

  • To view a list of the URLs visited by each user, see Web access control.

Configuring time periods for web access control

Configure time periods for the web access control feature

Specify the days and hours when you want to enable web access control:

  • Select Enable only during the following times.

  • On the calendar, select the days and hours when you want to enable web access control.

  • Click the day to select the whole day. Click and drag the squares to select multiple days and times.

  • Click Clear to disable web access control for all of the times selected.

List of allowed/denied addresses and domains

You can exclude sites from web access control and always allow access to them. Similarly, you can always deny access to certain sites.

Lists of allowed and denied addresses and domains

To always allow or deny access to certain addresses or domains, enter the URLs in the Always allow access to the following addresses and domains or Deny access to the following addresses and domains text boxes. Bear this is mind:

  • Separate the domains with a comma.

  • You can copy and paste long lists of comma-separated domains in text boxes.

  • The wildcard character (*) is not supported. You can add multiple similar domains to a list with a single domain entry. To do this, you add the part of the domain name that is common to all of the domains you want to add. For example, if you enter mydomain.com, it can represent these additional domains and sub-domains:

    • thisismydomain.com

    • entermydomain.com

    • www.tommydomain.com

  • Panda Adaptive Defense 360 comprehensively compares the URLs you type in the console with the URLs the user visits. For example, if you deny access to https://www.mydomain.com/test/ and the user visits https://www.mydomain.com/test, Panda Adaptive Defense 360 does not block access to the page because the user did not type the "/" character at the end of the URL in the browser.

Database of the URLs accessed from computers

Each computer on the network keeps a database of the URLs accessed from it. This database is in SQLite3 format and is located at %ProgramData%\Panda Security\Security Protection\urlcounters.dg.

This database can only be accessed from the computer for a period of 30 days. The data stored is as follows:

  • User ID.

  • Protocol (HTTP or HTTPS).

  • Domain.

  • URL.

  • Returned category.

  • Action (Allow/Deny).

  • Date accessed.

  • Access count (by category and domain).