Note: This topic applies to the Kenilworth Release.
When an HTTPS inspection policy is in place, Guardian displays a warning page informing users who try to access a HTTPS web site that their communication with the site is being monitored. Users must actively accept the monitoring by clicking Yes in order to continue to the site, or click No to end the communication.
Note: You must configure HTTPS settings and certificates in order for an HTTPS inspection policy to work. For more information, see Managing HTTPS Inspections.
|1.||Go to the Guardian > HTTPS inspection > Policy wizard page.|
|2.||Step 1: Who — From the Available users or groups list, select who the policy will apply to.|
Tip: Enter a name or part of a name and Guardian will search for names of users and groups that match.
Click Add and, when you have added all the users and groups, click Next to continue.
|3.||Step 2: What — From the Available categories or category groups list, select what is to be inspected.|
Tip: Enter the name or part of the name and Guardian will search for content that matches.
Click Add and, when you have added all the categories or category groups, click Next to continue.
|4.||Step 3: Where — From the Available locations list, select where the policy will apply.|
Tip: Enter the name or part of the name and Guardian will search for locations that match.
Click Add and, when you have added the location(s), click Next to continue.
|5.||Step 4: When — From the Available time slots list, select when the policy will apply.|
Tip: Enter the name or part of the name and Guardian will search for time slots that match.
Click Add and, when you have added the time slot(s), click Next to continue.
|6.||Step 5: Action — Select one of the following actions to apply:|
|•||Create policy folder — Select this action when configuring Guardian at a central installation where you need to create policy folders for multiple locations or groups.|
|•||Decrypt and inspect — Select this action to decrypt and inspect the encrypted content.|
|•||Validate certificate only — Select this action to check secure certificates on web sites. Any sites whose certificates are self-signed, out of date or otherwise invalid will be blocked.|
|•||Do not inspect — Select this action to not inspect the communication. An example of using this would be to not intercept communication with banking sites if a blanket policy of inspecting all HTTPS communication was in place.|
|7.||Select Enable policy to enable the policy and then click Confirm.|
|8.||Guardian displays the settings you have selected. Review them and click Save to create the policy. Guardian creates the policy and makes it available on the Guardian > HTTPS inspection > Manage policies page. You must now specify in what order Guardian should apply the policy.|
Note: Each step must be completed in order to create the policy. If you skip a step, Guardian creates a policy folder in which you can store policies. For more information about policy folders, see Working with Policy Folders .