The Endpoint Protection Plus settings are based on the creation of profiles and groups of computers to which specific policies are assigned.
To configure a profile, select the Profiles option in the left panel of the Settings tab. To create a new profile, select Create New Profile or click the existing profiles to edit them.
Each profile has six sections: General, Antivirus, Firewall, Device Control, Exchange Servers and Web access control (the latter two options are only configurable for licensed customers of PCOP Advanced).
These sections will be displayed in the menu on the left of the console once you have selected the profile to edit or create.
Enable or disable the Web access monitor for Windows servers and workstations by selecting/clearing the relevant checkbox. If you select it, you will be able to:
- Deny access to certain Web pages
Web pages are grouped into categories. Select the categories you want to deny access to. After your computers have been updated with the new settings, it won't be possible to access any page belonging to the selected categories.
Note: If a user tries to access a Web page belonging to a blocked category over HTTPS, an access denied notification will be displayed.
Remember that you can enable or disable these warnings through the Warnings tab in the Windows and Linux settings.
- Deny access to pages categorized as unknown
You can deny access to pages categorized as unknown simply by selecting the relevant checkbox.
However, bear in mind that internal (intranet) sites that connect on ports 80 or 8080 may be categorized as unknown, resulting in users not being be able to access them.
Therefore it is very important that you analyze those connections carefully before enabling this option. Alternatively, you can enable the option to block access to pages categorized as unknown and later unblock any sites you might need to access by adding them to the list of allowed addresses and domains.
- Changing allowed/denied categories and updating computers
After you change the list of allowed or denied categories, it can take up to 4 hours for your computers to receive the new settings.
During this time, the Web access control feature will behave in exactly the same way as it did before the modification.
Nevertheless, if necessary, you can force the update on each computer where the protection is installed. To do so, right-click the protection icon in the taskbar (next to the Windows clock), and select Update.
- List of allowed/denied domains
Additionally, you can set a list of pages that will always be allowed (whitelist) or blocked (blacklist).
You can edit these lists at any time. Follow these steps:
- Enter the URL for the relevant address or domain in the text box.
- Click Add.
- Use the Delete and Clear buttons to edit the list according to your needs.
- Finally, click OK to save the settings.
After completing these steps, go to the Status screen to see information about the Web pages accessed.