0 оценок0% нашли этот документ полезным (0 голосов)
31 просмотров9 страниц
Exception pages are customized Web pages (or messages) sent to users under specific conditions defined by a company and their security policies. Exception pages allow a company to warn, advise, and block users from accessing particular Web sites. The security administrator can define default parameters for all user-defined exceptions.
Exception pages are customized Web pages (or messages) sent to users under specific conditions defined by a company and their security policies. Exception pages allow a company to warn, advise, and block users from accessing particular Web sites. The security administrator can define default parameters for all user-defined exceptions.
Exception pages are customized Web pages (or messages) sent to users under specific conditions defined by a company and their security policies. Exception pages allow a company to warn, advise, and block users from accessing particular Web sites. The security administrator can define default parameters for all user-defined exceptions.
What are exception pages? Exception pages are customized Web pages (or messages) sent to users under specific conditions defined by a company and their security policies. The ProxySG offers multiple built-in exception pages that can be modified for a companys particular needs. Default pages include authentication_failed, policy_denied, and so on. Additionally, administrator-defined exception pages can be created. These pages can reference substitution variables such as authenticated username, client IP address, time, date, and so on, enabling the security administrator to create user specific messages.
Why implement exception pages? Exception pages allow a company to warn, advise, and block users from accessing particular Web sites. These pages give administrators a great deal of flexibility when managing their enterprise administration in terms of how much control they desire to exert over their user community. When a user is denied access to a particular Web site, for example, the administrator can send a customized message to the user explaining the reason for this action.
Exception pages are defined within a hierarchy. There are two main types of exception pages in the hierarchy:
Built-in User-defined
The general form of an exception is the following:
(exception.<exception-id> (contact "") ; displays the contact for further assistance (details "") ; displays the reason why the exception was sent (format ""); defines the format of the page, specifically HTML content (help "") ; defines the help message (summary "") ; defines a summary of the message (http ; specific message for HTTP requests only (code "") ; HTTP return code (typically 200 or 403) (contact "" ; displays the contact for further assistance (details "") ; displays the reason why the exception was sent (format "") ; defines the format of the page, specifically HTML content (help "") ; defines the help message (summary ""); defines a summary of the message ) )
New exceptions are created under the User-defined leaf. The security administrator can define default parameters for all user-defined exceptions.
2 Technical Brief How to implement exception pages There are two steps to implementing exception pages 1. Create an exception page applicable to current corporate security guidelines 2. Create a policy referencing the exception page
Step 1 Create an Exception Page To create an exception page, use the Blue Coat Management Console, select the Policy option then the Exceptions button as shown here.
Open the text editor, by selecting Text Editor from Install Exceptions Definitions from dropdown list. Click on Install.
The following screen is displayed:
3 Technical Brief
To create a new exception page, scroll down until you find the following section on the screen. You will need to insert your user-defined exception before the last ) character in this section:
4 Technical Brief (help) (summary) ) ------------------- insert the user-defined customer error page here )
You can create your own user-defined exception with HTML content our example is called my_exception.
After the section described above, add the following code:
(exception.user-defined.my_exception (http (code "200") (format <<--myexception-- <html> <head> <title>Denied Access Policy </title> <meta name="author" content="Blue Coat systems"> <meta name="description" content="Denied Access Policy"> </head> <body> <center> <img src=http://www.bluecoat.com/images/BCShp_logorev.gif> <p> <font face="Arial, Helvetica, sans-serif" size="4" color="Red"><b>You are about to access the Internet from the Blue Coat Network <p> <font face="Arial, Helvetica, sans-serif" size="4" color="Red">INTERNET USAGE IS MONITORED AND LOGGED.</font> <p> <font face="Arial, Helvetica, sans-serif" size="3" color="Red"><b> Your IP address: $(client.address)<br>Your username: $(user.name)</b></font> <p> <font face="Arial, Helvetica, sans-serif" size="4" color="red">YOU HAVE BEEN DENIED ACCESS TO THIS SITE. PLEASE READ OUR SECURITY POLICY AT http://intranet.acme.com/up.html <p> For any comments email <A href='mailto:support@bluecoat.com?subject=Barred web page $(url), IP address: $(client.address), User ID: $(user)'>Customer Service Centre</a></font> <p> </center> </body> </html> --myexception-- ) ) )
5 Technical Brief
Once you have pasted the code, click on Install to save your changes. You will then be prompted with the following message.
6 Technical Brief
Step 2 Create a policy referencing this exception page Open the Visual Policy Manager from the Blue Coat Management Console by selecting Policy and then Visual Policy Manager.
In the VPM create your Web access policy and define as the action to return the user-defined exception.
7 Technical Brief Click on Return Exception and select the user-defined exception.
Select the user defined exception page from the dropdown list. Our example was called my_exception.
Click OK and Install the Policy. The following screen shows the result of the saved policy.
8 Technical Brief
Test the exception page To test the exception page, go to a URL denied by your policy and you will see the custom HTML page as shown here.
Conclusion The Blue Coat ProxySG allows a company to utilize exception pages to warn, advise, or block users when they access particular Web sites that have been deemed questionable by a corporation. The administrator can make use of built-in exception pages that are pre-defined by the operating system or they can create their own custom exception pages. The ProxySG provides flexibility for a company to control users when accessing Web pages ensuring greater user productivity and compliance with corporate security policies.
9 Technical Brief
Copyright 2003 Blue Coat Systems, Inc. All rights reserved worldwide. No part of this document may be reproduced by any means nor translated to any electronic medium without the written consent of Blue Coat Systems, Inc. Specifications are subject to change without notice. Information contained in this document is believed to be accurate and reliable, however, Blue Coat Systems, Inc. assumes no responsibility for its use. Blue Coat is a registered trademark of Blue Coat Systems, Inc. in the U.S. and worldwide. All other trademarks mentioned in this document are the property of their respective owners.
Contact Blue Coat Systems 1.866.30BCOAT 408.220.2200 Direct 408.220.2250 Fax www.bluecoat.com