topic 5525X not blocking prohibited categores inside search engine sea in Web Security

5525X not blocking prohibited categores inside search engine searches

Chris Cooper — Mon, 08 Jul 2013 14:35:55 GMT

We are currently having an issues with users being able to see images that should be blocked by a category inside of google image search. I know with websense, you could enable it to filter inside of google search to block prohibited images. How can I get this to work?

5525X not blocking prohibited categores inside search engine sea

Chris Illsley — Wed, 10 Jul 2013 13:34:43 GMT

Hi Chris,

When you are doing the searches are you signed into Google or using https, (Safari's search bar defaults to https), if your proxy isn't set up to decrypt https it won't be able to read the page to block images.

Confirm you are definitely using standard http and see if it is still doing this.

Thanks

Chris

5525X not blocking prohibited categores inside search engine sea

Chris Cooper — Wed, 10 Jul 2013 13:46:25 GMT

None of the above. we are simply going to http://www.google.com then selecting images at the top. Once the search is executed, all images are displayed regardless of content. I know that we can turn of safe search and stuff like that, but that is not something we can control for over 400 users very easily. It doesn't matter which browser we use, Chrome, IE, Firefox, they all do the same thing. Chrome uses https, but IE is http. I have decrypt everything turned on, so it should be decrypting all https traffic. I can also see that my Certificate is working and all the clients have it installed.

5525X not blocking prohibited categores inside search engine sea

Chris Illsley — Wed, 10 Jul 2013 13:48:59 GMT

Gah, there's the problem I don't think there's anyway around it unless you enforce safe search.

Thanks

Chris

5525X not blocking prohibited categores inside search engine sea

Chris Cooper — Wed, 10 Jul 2013 13:51:30 GMT

That's terrible. Websense does this. We were looking to migrate away from them, but this may be a deal breaker for us. Thanks for your help. I may open up a TAC case to see if they can get it working. I will update this post if I receive anything back. Thanks again.

5525X not blocking prohibited categores inside search engine sea

Chris Illsley — Thu, 18 Jul 2013 08:22:07 GMT

I've found a resolutuion for a different web filter and am looking into if/how it could be applied to IronPort:

The changes made today are as follows, it all makes sense and works:

- Requests for www.google.com or www.google.co.uk are returned with nosslsearch.google.com by the WFS Gateway.

- Requests for encrypted.google.com are blocked.

The way this works is that when a user requests www.google.com or www.google.co.uk they are instead asking for nosslsearch.google.com - This way Google does not redirect the user to the encrypted HTTPS version of www.google.com or www.google.co.uk - Now that the webpage is not encrypted the Content Filter can now enforce the safe search options.

I'll let you know if I have any luck, but if anyone else can work it out let me know.

Cheers

Chris