Stormshield SN series Configuration Manual page 254

Search engine options
Enable search engine
filter (Safesearch)
YouTube EDU login(X-
YouTube-Edu-Filter)
Google services and
accounts allowed
HTML/JavaScript analyses
Inspect HTML code
Max. length for a HTML
tag (Bytes)
Inspect JavaScript
code
Automatically delete
malicious content
Page 254/448
This mechanism allows excluding websites, documents or images that are explicitly
inappropriate or undesirable from the results of web searches conducted on the main
search engines (Google, Bing, Yahoo)
The "Education" filter blocks any video that has not been included in the YouTube EDU
portal's Education and Training category. This portal, dedicated to educational
institutions, also provides access to hundreds of thousands of free educational
videos.
To enable the filter, go to the educational resources and customize the accessible
content using playlists and sign up on the portal. Next, enter the login given by the
website.
For further detail, please visit:
https://support.google.com/youtube/answer/2695317?hl=en
This option allows restricting access to Google services and accounts by entering only
authorized domains in this list.
Enter the domain with which you have signed up to Google Apps, as well as any
secondary domains you might have added to it. Users accessing Google services from
an unauthorized account will be redirected to a Google block page.
The way this option works is the firewall intercepts SSL traffic toward Google and adds
the HTTP header "X-GoogApps-Allowed-Domains" to it, the value of which is the list of
authorized domain names, separated by commas. For more information, please refer
to the following link:
FR https://support.google.com/a/answer/1668854?hl=fr
EN https://support.google.com/a/answer/1668854?hl=en
NOTE
SSL inspection has to be enabled in the filter policy for this feature to work.
Any page containing HTML content that is likely to be malicious will be blocked.
Maximum number of bytes for an attribute of a HTML tag (Min : 128; Max: 65536).
In order to prevent malicious content from damaging dynamic and interactive web
pages that use JavaScript programming, a scan will be conducted in order to detect
them.
In the same way as for the option Inspect HTML code, if this option is selected, a page
containing JavaScript content that is likely to be malicious will be blocked.
Instead of prohibiting the TCP connection, the scan will erase the malicious content
(e.g. attribute, HTML marker) and allow the rest of the HTML page to pass through.
Example of malicious behavior: Redirection without your knowledge, to a website
other than the site you had intended to visit.
NOTE
Selecting this checkbox will disable the Enable on-the-fly data decompression
option.
SNS - USER CONFIGURATION MANUAL V.3
http://www.youtube.com/schools
sns-en-user_configuration_manual-v3 - Copyright © Stormshield 2016
PROTOCOLS
or