Manage User Access to Content in DNSWatch

Content filter policies are not enabled by default. If you want to filter content available to users, you must create a new policy. If you delete a policy used by a network, Firebox, or DNSWatchGO Client, the content filter is turned off for that device or network.

In addition to DNSWatch protection from malicious domains based on intelligence feeds, you can use DNSWatch policies to block domains in selected content categories on protected networks and devices. The Safe Search option helps filter out explicit content in search results across multiple search engines. You can create multiple policies to meet the requirements of your different networks. Each protected network and DNSWatchGO Client Group can use a different policy.

For example, you have two branch offices with separate protected networks and all laptops have the DNSWatchGO Client installed. You can create a different policy for each branch office network or assign the same policy to both networks. You can also create a separate policy to use with the DNSWatchGO Client when the laptops are not on a protected network.

If you want to organize your clients into categories, you can create your own client groups and assign specific policies to each group. For example, you can create a policy and apply it to your marketing team. For more information, go to Manage DNSWatchGO Client Groups.

You can create and apply these types of policies:

  • Protected network or Firebox policy — This policy is assigned to a protected network to filter requests for content in the specified categories. If the marketing and sales teams are on separate networks, you might want to allow them to connect to social media and streaming media but restrict those categories for other users. Fireboxes with DNSWatch enabled are considered to be the same as a protected network for content filter policies.
  • Client policy — This policy is used by the DNSWatchGO Client when users are not connected to a protected network. You can allow domains categorized as social media and streaming media for users who are traveling and not on the network but block those domains for users who are on the protected network. You can designate different client policies to every client group you create, or you can apply one policy to all client groups.

Protected Networks Screen Example

Safe Search

You can enable Safe Search mode as part of a content filter policy. With Safe Search enabled in the policy, every network or DNSWatchGO Client with that policy automatically redirects to the Safe Search versions of the selected search engines:

  • Google — https://forcesafesearch.google.*
  • YouTube — https://restrict.youtube.com
  • Bing — https://strict.bing.com
  • DuckDuckGo — https://safe.duckduckgo.com/

    Screen shot of Safe Search options

Create a New Policy

DNSWatch does not filter content by default. If you want to filter or block the content available to your users, you must create a policy. You can create multiple DNSWatch policies to use with your protected networks, DNSWatchGO Client, and DNSWatchGO Client Groups.

  1. Select Configure > Content Filtering Policies.
    The Content Filtering Policies page opens with the Policies tab selected.
  2. Click Create New Policy.
    The Create Policy page opens.
  3. In the Policy Name text box, type a descriptive name for the policy and click Save Policy.
  4. To enable Safe Search enforcement for a search engine, on the Safe Search tab, select the Enable Safe Search check box next to the search engine provider and click Save Safe Search.
  5. On the General tab, click Save Policy.
    The Edit Policy: General page opens.
  6. Select the Categories tab.
    The Edit Policy: Categories page opens.
  7. Select the check boxes for the categories you want to filter.
  8. To see subcategories, click the arrow next to the category name. If all subcategories are selected, the check box next to the top-level category is selected. If only some subcategories are selected, the top-level category displays a hyphen. If you do not want to block that category, clear the check box.

Screen shot of the Categories tab on the Content Filtering page

For a complete list of available categories and descriptions, go to About DNSWatch Content Filter Categories.

  1. Click Save Categories.

Edit a Policy

You can edit groups if you want to change the name or assign a different policy.

  1. Select Configure > Content Filtering Policies.
    The Content Filtering Policies page opens with the Policies tab selected.
  2. Click Edit Policy for the policy you want to edit.
    The Content Filtering Policies Edit page opens with the General tab selected.
  3. Select the Categories tab.
    The Categories list appears.
  4. Select the check boxes for the categories you want to filter. To view subcategories, click the arrow to the right of the category name. When you select a top-level category, its subcategories are automatically selected. If you do not want to block that category, clear the check box.
  5. Click Save Categories.

Assign Policies

If you want to apply a policy to multiple networks, you can do that from the Content Filtering page. A Firebox with DNSWatch enabled is considered to be a protected network.

After you create a policy, you can make the policy the default policy for networks or Fireboxes that do not have a specific policy assigned. On the Content Filtering policies page, select the policy from the Default Policy drop-down list then click Update Default Policy.

After you create a policy, you can assign that policy to specific DNSWatchGO Client groups. On the DNSWatchGO Client Groups page, click Edit next to the group you want to change. On the Edit Group page, select the policy you want to apply to your group and click Save Group.

  1. Select Configure > Content Filtering Policies.
    The Content Filtering Policies page with the Policies tab selected.
  2. Click Edit Policy for the policy you want to edit.
    The Content Filtering Policies Edit page opens with the General tab selected.
  3. Select the Networks tab.
  4. Select the check boxes for each network or Firebox that you want to use the policy.
  5. Click Save Networks.

Delete a Policy

If you do not use a policy, you can delete it.

  1. Select Configure > Content Filtering Policies.
    The Content Filtering Policies page opens with the Policies tab selected.
  2. Click Edit Policy for the policy you want to edit.
    The Edit Policy: General page opens.
  3. Click Delete Policy.
    The Delete Policy confirmation page opens.
  4. Click Delete Policy.

Related Topics

Manage DNSWatchGO Client Groups

About DNSWatchGO Client

About DNSWatchGO Protected Networks

About DNSWatch Content Filter Categories

Request a Content Category Change