Filtering Web Content Security Management Need To Focus On Multiple Levels – Network Equipment,

To protect business from Internet threats hardware most concentrated solutions, in addition to the best integrated URL filtering, WEB application reports, real-time monitoring and internal threats to remove such features, also should include multi-level management functions. When has branches / subsidiaries located in different cities or countries, medium and large enterprises hope that the general direction in the company’s security strategy, with different branches or subsidiaries for some degree of authority to modify its security strategy, you need to use hierarchical management capabilities to help enterprises achieve goals. The management of only a single independent enterprises to centrally manage security policies, can not cope with the different branches and subsidiaries of the Web needs, will increase the head office IT staff workload.

Multi-level management should include the global manager, group manager, the lowest level of filtering, group, sub group, the detection range, the Special Account, synchronous centralized control of management. Among them, the global administrator (GlobalAdministrator) is a filtering device has absolute control over all accounts. Global administrators can according to the company security policy, security in Web content filtering device to create different groups, and then build a team for each group. Global administrators can control all unlimited Web content security filtering devices.

Group administrator set up by the global administrator. Authorized changes in the global security policy administrator within the group administrator account can be modified for the needs of groups for security policy. Group administrator can only modify the security policy affecting the management of this account group. Each group, you can just set up a group administrator account.

Minimum filtering level (Minimum Filtering Level (MFL)) is determined by the global administrator set the filter level. Company-wide minimum level of filtering is to be consistent regardless of which group the minimum standards for the implementation of strategy. For example, when the company will set minimum standards of security policy is filtered of pornography and threats to information security-related categories, the group manager will not be able to filter from the device group cancel any type of pornography and threats to information security-related security strategy, only suitable for other types of security policy setting. When a company to fully implement the safe use of government at the same time, they want to give a degree of adaptation each group permissions, MFL is useful. Downstream filter group administrator can increase the level of the lowest category, but can not remove the administrator from the global set of minimum filtering level.

Group is defined by the administrator to set global group of users. For example: a global network administrator can set the sub-10.10.10.0/24 as a group. Both the global administrator or group administrator can create a sub-group. Sub-group for further description of the group members. In the example above, for example, if the sub-group to set the subnet 10.10.10.0/24 as a group, in this group may be re-created sub-groups, such as 10.10.10.0/25 and 10.10.10.129 / 25 . Global Administrators can determine exactly one IP address from which domain.

Special Account is a user name / password, the global administrator or group administrator to create. The aim is to allow a safe use of their account can be exempted from the restriction policy, visit any Web site. Global administrators can choose to allow the Special Account to bypass the minimum level of filtering, you can also choose the special account only by the restrictions on the minimum level of filtering. Special Account can be assigned to any user.

When the company configure multiple filtering device that allows filtering device between the master-slave relationship, synchronous centralized control and management of all filtering equipment. When the filter device of any major changes, will be reflected on the subsidiary. This feature in the environment of multiple filtration equipment is very helpful, the administrator can remove the practice of manually change the settings one by one.

Now that we understand the hierarchical management functions, then the hierarchical management work in practice what purposes? May wish to use case to illustrate. For example, a five primary schools, 3 middle schools and two high school district office has a T3 Internet portals for each school using T1 connections. All Internet access must be through the school district office port connected to the Internet. School district have an acceptable use policy, all students and staff are not allowed to visit the school district is classified as pornography, R-class, gambling, non-educational online games, Internet-based e-mail, violence and discrimination, alcohol, illicit drugs, cults, and hackers all the related sites. However, the acceptable use policy with one exception: if the consent by the principals, and school district where the school therapist and consultant to improve the quality of students to study for the purpose of access is limited to the site.

Related posts:

1. Why Should My Business Focus On Network Security
2. Security of network information security management should be strengthened online behavior – network
3. Security Of Network Data Security Management Should Be Strengthened On-line Behavior – Network
4. Network Security: It should be protection from passive to active prevention – network security, acti
5. Outsourcing Network Management and Security