Rules are configured with criteria that can be compared to traffic. Traffic matching the rule can be allowed (for Whitelist matches) or denied (for all others). In addition, the Barracuda Web Security Service can perform one or more of the following actions configured at the bottom of the RULES page:
- Display a Block Page
Customizing Block Pages
The Barracuda Web Security Service displays a block page to users whose web traffic is blocked. You can determine what users see in this case by choosing one of the following options:
- Create custom blocking messages on a per-rule basis.
- Replace the Barracuda Web Security Service default block page with a custom global block page of your own using CONFIGURATION > Content Filtering Services > URL Blocking.
- Use the Barracuda Web Security Service default block page.
Bypassing a Block Page
You may want to block access to certain sites or categories for most users, but allow it for an individual or department. For example, you may want to prevent your workforce from using job search sites, but may need to give your recruiters access to those sites. You can accomplish this by creating a global rule blocking the sites and another rule allowing specific users or groups to bypass the block page.
When you create the bypass rule, you specify a password which you can provide to the individuals who are allowed to bypass the block and go to the site. The block page they see contains a password entry field. After entering the bypass password, the users can continue on to the site. The bypass prompt only appears on the block page seen by the users specified in the bypass rule.
You can set up a coaching page that warns users that they are attempting to visit a disallowed site or category. Users can continue to the website anyway by clicking an acknowledgement button. To use bypass or coaching, the request to the Barracuda Web Security Service must contain a username (from a Barracuda Web Security Service Connector, or Barracuda Web Security Agent) in order to track the session; if not, then the user sees the regular block page.
The Barracuda Web Security Service can log requests that violate a policy whether you block them or not. This lets you monitor and report on web activity even if you do not block traffic.
If a user triggers a bypass or coaching page, and then continues on to the disallowed site, their action is logged accordingly. If the user doesn’t continue on to the disallowed site, the transaction is logged as a block.
To inform others when a user makes a request that violates a rule, you can send an email to multiple addresses.