Blocking access to certain resources in the internet is always a controversial topic. Usually there are good reasons to do so: Security and productivity are the most important ones.
Within the Astaro Security Gateway (the Astaro flagship product) come efficient but granular policies that restrict or allow access to network resources. This starts with packet filtering rules and IPS, continues with security and productivity settings for e-mail (think about spam!) and ends with elaborated settings for web security. This also includes remote offices connected via RED as well as mobile clients connected via WLAN.
For example, let’s choose "wikileaks" (http://twitter.com/#!/wikileaks), a web site which has existed since 2006, but which has just recently gained massive attention.
There are people who think wikileaks is a criminal, or even a terrorist organization. Others praise it for releasing classified documents of governments, institutions and associations that try to keep them secret and non-public for various reasons, therefore increasing transparency.
The ASG gives you the option to make your own choice. For example, if wikileaks is classified into a blocked category within your profile, you are able to disagree by doing one of the following:
- Clicking in Version 8 on Unblock URL (will be logged) and authorize yourself to get access
- Adding "wikileaks.*" to Web Security >> HTTP/S >> URL Filtering >> Always allow these URLs/sites
- Creating a new exception list under Web Security >> HTTP/S >> Exceptions, adding "wikileaks.*" and marking URL Filter as check that shall be skipped
- Adding "wikileaks.*" to Web Security >> HTTP/S Profiles >> Filter Actions >> Always allow these URLs/sites, if you manage different profiles
For every rule, there is at least one exception. It is up to you to make the choice!