Web Security - Ignored Domains

A new feature has been added to Web Security called Ignored Domains. This feature allows access to certain websites without the need to authenticate, and as such only works when the eSoft device is configured for authentication. It should be noted that this feature only effects authentication. The website will still be checked against web security policies, scanned for viruses and other vulnerabilities.

To configure Ignored Domains click on Proxy Settings under the Web Security menu. On the proxy settings page click on Advanced and locate the Authentication Settings section about half way down the page. eSoft provides a pre-populated list of the most common domains, to add to this list simply type in the domain on a new line.

In the default authentication configuration, sites listed in the Ignored Domains will fall through to the 'Block All' policy. This policy is intended for those who do not authenticate, or cannot provide the correct credentials, and will therefore block all sites. All sites added into the Ignored Domains should also be added to the Web Security Whitelist to prevent this type of block.

If a site in the ignored domains is still requiring authentication the logs and the ThreatMonitor should be checked to make sure the domain in question isn’t redirecting to another, different domain. If there is a redirection taking place it may be necessary to add that domain into the ignored list as well.

This setting is only available if authentication is enabled. If you do not see this setting on the Advanced Proxy Settings page, check to make sure that either Local, or Active Directory authentication has been enabled. The authentication settings can be viewed by clicking Proxy Settings under the Web Security menu.