Web Security: Exceptions for Content Filter Overriding
The "bypass blocking" is a very useful feature, but it could represent a lack of security because admin cannot choose which url category cannot be bypassed.
For example, I don't like that my users can bypass content filtering for Illegal Software, Anonymizers and Malicious sites, but I can accept that they can bypass "Incidental Nudity" (a category that in some cases may be incorrect).
In it's current implementation the bypass feature is quite pointless. Admins rarely need that feature and without any policies attached it's too dangerous to allow regular users to bypass.
Also, the warn action doesn't solve the problem: We have lots of computers which run on somewhat anonymous accouns who are only allowed a few categories. When a user with greater priviledges needs to use those stations, he should be able to bypass (i.e. relogin with his own account without changing the logged on windows user). But of course we don't want him to access any category - only those he normally would have access to if logged on regularly.
If that for some technical reason is hard to implement, at least add the option to specify a single filter policy that applies to all bypassed sessions!
In version 9.2 we added the 'Warn' option for policy. This allows users to proceed to certain categories after receiving a warning page. It's similar to the override feature, except that it doesn't require username and password.
Does this solve your problem? WIth 'Warn', you can set up policy so that 'questionable' categories that are OK to override get a warning, and you can disable the 'override' feature altogether, so that the 'Block' policy for completely unacceptable categories is always enforced...
i have been trying to load youtube to play an educational video but since youtube is blocked by your filter, i cannot show my fellow hpac members this video. I am a tenth grader running for president of my group and this affects my election.