Reference Guide
Manage Policies
Web Protection monitors web browsing and downloads to identify threats and enforce action set by
policy when a threat is detected, based on ratings for websites. When you set the master policy, Web
Protection, to On, you can set other policies for Web Protection.
The Reputation Service analyzes each website and assigns a color-coded safety rating based on test
results. The color indicates the level of safety for the site:
Red – Malicious
Yellow – Potentially malicious
Green - Safe
Through the following policies, you can assign actions to implement when a user accesses a website or
attempts a download, based on website ratings:
Rating Action for Red Sites - Specifies the action to apply to sites that are rated Red. Default: Block.
Rating Action for Yellow Sites - Specifies the action to apply to sites that are rated Yellow. Default:
Warn.
Rating Action for Unrated Sites - Specifies the action to apply to sites that are Unrated. Default: Allow.
Rating Action for Red Downloads - Specifies the action to apply to file downloads that are rated Red.
Default: Block.
Rating Action for Yellow Downloads - Specifies the action to apply to file downloads that are rated
Yellow. Default: Warn.
Rating Action for Unrated Downloads - Specifies the action to apply to file downloads that are Unrated.
Default: Allow.
Configurable actions for website access or download attempts include the following:
Block – Prevents users from accessing the site or downloading a file from the site. A message is
displayed.
Allow – Permits users to access the site or proceed with the download.
Warn – Displays a warning to notify users of potential dangers associated with the site or download file.
Users must dismiss the warning before ending the web session or proceeding with the download.
To exclude a private IP address or range of addresses from Web Protection content rating actions,
specify the IP address or IP address range in the IP Exclusions for Web Protection policy.
To block all phishing pages, without regard to policy values that control content rating actions, select the
Enforcement - Block Phishing Pages for All Sites policy.
Designate a Threat Protection Signature Update Server
Both an HTTP and FTP signature update server are pre-configured with your Dell Server installation.
You can also, optionally, designate an internal signature update server or servers within your network.
Designating a signature update server within your network allows client computers to obtain signature
updates without accessing the Internet. Rather than individual clients contacting an external update
server, they contact your internal update server, which maintains current signatures through contact with
the external signature update server.
To designate a signature update server, follow these steps:
1. As an administrator on the server to be the internal update server, run the appropriate command:
VSSETUP_86.EXE /SetRelayServerEnable=1
246