Configure Content Filtering in WatchGuard Cloud

Applies To: Cloud-managed Fireboxes

For cloud-managed Fireboxes, you can enable and configure content filtering with WebBlocker and Application Control security services.

WebBlocker

WebBlocker helps you control the websites that are available to your users. WebBlocker uses a database that groups website addresses into content categories.

When a user on your network tries to connect to a website, the Firebox looks up the address in the WebBlocker database and takes the action you specify for the content category. For cloud-managed Fireboxes, you cannot specify the action WebBlocker takes for uncategorized websites.

  • View All Subcategories — Opens the subcategory page where you can select an option for each subcategory.
  • Allow All — Allows all websites in all subcategories. No websites are blocked.
  • Warn All — Shows a warning page when the user tries to go to sites in all subcategories.
  • Block All — Blocks all websites in all subcategories. The Firebox does not add the websites to the Blocked Sites list.
  • Bypass Decryption All — Prevents HTTPS Decryption for websites in this category and allows all websites in all subcategories. WebBlocker does not block any websites in the category.

Application Control

Application Control enables you to monitor and control the use of applications on your network. Application Control uses over 1800 signatures that can identify and block over 1000 applications. You can use Application Control to block the usage of specific applications, and you can report on application use and use attempts. For some applications, you can block specific application behaviors, such as file transfer.

  • View All Subcategories — Opens the subcategory page where you can select an option for each subcategory of applications.
  • Allow All — Allows all applications in all subcategories. No applications are blocked.
  • Block All — Blocks all applications in all subcategories.

Add Content Filtering Actions

For content filtering services, you can configure multiple actions and assign a specific action to each policy. By default, if you select the option to create your own actions, all actions are set to Allow. If you select to use the WatchGuard Cloud recommendations, then the actions for a selection of subcategories are set to Block.

For content filtering to apply to traffic through the Firebox, you must also enabled content filtering in firewall policies. For information about policy settings, see Configure Security Services in a Firewall Policy.

When you add a content filtering action, it includes settings for WebBlocker and Application Control.

To add a content filtering action:

  1. Select Configure > Devices.
  2. Select a cloud-managed Firebox.
    Status and settings for the selected Firebox appear.
  3. Select Device Configuration.
    The Device Configuration page displays the WatchGuard Cloud security services.
  4. Click the Content Filtering tile.
    The Content Filtering page opens.

WatchGuard Cloud screen shot of Content Filtering page

  1. Click Add Action.
    We recommend that you do not rename or delete the default action.

WatchGuard Cloud screen shot of Add Action, Content Filtering

  1. To include the WatchGuard recommended blocked categories and applications in the action, select I want to use WatchGuard Cloud recommendations.
    Select I want to create my own actions to start the action with no blocked categories or applications.
  2. Click Next.
  3. In the Name text box, type a name for the action.

  1. On the WebBlocker tab, review the recommended blocked categories.
    To filter the categories, in the Search box in the top, right corner, start to type a category name.

WatchGuard Cloud screen shot of WebBlocker categories

  1. To allow or block categories, on the right side of a category, click and select an option (Allow All, Block All, Warn All, or Bypass Decryption All).
  2. To view the individual subcategories, on the right side of a category, click and select View All Subcategories.
    The subcategories page opens.

  1. For each subcategory, select an option from the drop-down list (Allow, Block, Warn, or Bypass Decryption All).
    To update all of the subcategories, click Block All or Allow All in the upper, left corner of the page
  2. To enable an alarm for a subcategory, select the Alarm check box.
    When you select the Alarm check box, an alert is sent regardless of whether the category is set to Block or Allow.
  3. Click Update.
  4. On the Application Control tab, review the recommended blocked applications.
    To filter the applications, in the Search box in the top, right corner, start to type an application name.

WatchGuard Cloud screen shot of Application Control tab

  1. To allow or block applications in a category, on the right side of a category, click and select Allow All or Block All.
  2. To view the individual subcategories, select View All Subcategories.
    In this example, the Tunneling and proxy services subcategory page opens.

WatchGuard Cloud screen shot of Application Control subcategories

  1. For each subcategory, select an option from the drop-down list (Allow, Block).
    To update all of the subcategories, click Block All or Allow All in the upper, left corner of the page
  2. Click Update.
  3. To save the action to cloud, click Save.

Delete a Content Filtering Action

  1. In the row for an action, click .
    A confirmation dialog box opens. You cannot delete an action that is applied to a policy.

WatchGuard Cloud screen shot of Content Filtering page, delete icon

  1. Click Delete.

See Also

Add a Cloud-Managed Firebox to WatchGuard Cloud

Application Control and WebBlocker