Facturación 38 

After you add or change rules, web browser cache and caching servers may have content stored locally that makes a rule appear to be working improperly. If this occurs, then the web browser cache should be cleared manually and the cache should be cleared on caching servers.

Order of Execution within Rules

Because rules configured for the Barracuda Web Security Service can include different types of restrictions, it's important to understand the order in which web requests are compared to configured restrictions.

When the Barracuda Web Security Service blocks SSL sites, the user receives an error message rather than a block page because the web browser cannot complete the SSL handshake with the blocked destination server.

Unknown users appear as username “None”, “Unknown”, or a blank Username field in logs and reports. Authenticate all traffic through the Barracuda Web Security Gateway or Remote client software to ensure meaningful user reporting.

1. 2. 3. 4. 5. 1. 2. 3. 4.

When you create a complex rule that includes a combination of several types of blocks, the restrictions and exceptions are executed in this order:

Whitelist Blacklist File extension Content type

Category (includes Anti-virus, Anti-malware, and content blocked by Purewire Intelligence)

Web content is evaluated against rules in the order they appear on the Rules tab of the Barracuda Web Security Service web interface, top to bottom. Manage the rule order by moving rules up or down in the list. If a rule is true, the Barracuda Web Security Service completes the specified action, and rule processing stops.

Blocking or Allowing Access within a Rule

Rules can include any combination of the following components, which control what the rule denies or allows:

Whitelist—rules with a whitelist component allow access to specific sites. They can apply to all users, groups of users, or specific IP addresses. Whitelist rules are the first rules Barracuda Web Security Service Manager checks when a user request occurs, so a site on a whitelist rule will be available even if another rule is created to deny it. Use an asterisk (*) to allow all.

Blacklist—rules with a blacklist component deny access to specific sites. They can apply to all users, groups of users, or specific IP addresses. You can configure an alert email to be sent when the rule is triggered, or choose to log the attempt. Use an asterisk (*) in the blacklist entry to deny all.

Compliance—rules can enforce restrictions to defined content types or file extensions accessed with configured applications or through configured URL categories.

Safe Search—rules with the Safe Search feature enabled enforce Safe Search for the designated search engine, returning filtered search results only, no matter what the user browser Safe Search preference settings indicate.

Enforcing Safe Search with a Rule

The Safe Search option is available in the Rules > Image/Multimedia Safe Search > Compliance area. The Safe Search option is available for the following search engines:

Bing Dogpile Google MSN Yahoo

This Safe Search option is available when the administrator creates or edits a rule, and is enforced for the selected engine(s) used by anyone in the set of Groups or IP Addresses specified in the Applies To area.

Search engines apply various search filters, usually associated with websites that contain adult content or other inappropriate content as defined by that search engine. When Safe Search filtering is selected in the user’s web browser, then the search engine applies its filters and displays filtered search results to the user. However, Safe Search filters in a search engine can be deselected by the user in the web browser. The Safe Search feature in the Barracuda Web Security Service can translate URLs so that the search engine can enforce its Safe Search filters regardless of the filter preference set by the user in the web browser.

For example, if the Safe Search preference for Google in a user’s web browser is deselected, but the administrator enables Safe Search in the Barracuda Web Security Service for Google, then the Service translates the URLs so that Google can enforce its Safe Search filters regardless of the Safe Search preference set in the user’s web browser.

If the administrator enables Safe Search for a search engine and also creates a rule to block URLs in a specified Category, then:

The search engine applies its Safe Search filters and displays filtered search results to the user.

If the user clicks a URL in the search results that resolves to a blocked Category in Barracuda Web Security Service, then the user sees the blocking page that you have designated for that Category.

For example, if the administrator creates a rule in Barracuda Web Security Service to block URLs for the category Games, and also enables Safe Search for Google, then the user’s search for “Games” returns results that are filtered by Google. If that user then clicks on a URL that resolves to the category Games in Barracuda Web Security Service , then the user sees the blocking page that you have designated for that Category.

The Purewire Intelligence WebDAV DLL Hijack Rule Option