You are on page 1of 5

ProxySG TechBrief – Creating a Compliance Page

What is a compliance page?
The Blue Coat compliance page is a customized warning page that is posted to a user’s browser when they first attempt access to Internet. The Blue Coat compliance page ensures that employees review and acknowledge the company’s acceptable use policy prior to gaining Internet access. The following screen presents the result of implementing the compliance page.

In the above example the user requests www.yahoo.com, and receives the policy screen and needs to click to acknowledge the policy before continuing.

After the user has complied with the policy they are granted access to www.yahoo.com and all permitted sites.

1

Technical Brief

</font> <p> <font face="Arial.address)<br>Your username: $(user)</b></font> <p> <font face="Arial. sans-serif" size="3" color="Red"><b> Your IP address: $(client. <html> <head> <title>Deferred Access Policy </title> <meta name="author" content="Blue Coat systems"> <meta name="description" content="Deferred Access Policy"> </head> <body> <center> <img src=http://www. Helvetica. <p> NOTE THAT CONTENT FILTERING AND VIRUS SCANNING ARE APPLIED <p> FAILURE TO COMPLY WITH THE POLICY WILL RESULT IN WEB ACCESS BEING DENIED 2 Technical Brief . When the user requests a web page.com/images/BCShp_logorev. The following is an example of an HTML compliance page. Helvetica. sans-serif" size="4" color="Red"><b>You are about to access the Internet from the Blue Coat Network <p> <font face="Arial.bluecoat.gif> <p> <font face="Arial.How it works A policy compliance page policy is based on: A redirection to the compliance page – this is actually achieved with an “exception” A policy based on a “cookie” to identify if the user has complied to the policy or not Note: this policy works only for HTTP The Compliance Page The first step is to define the exception rule message that presents your corporate use policy. sans-serif" size="4" color="red">YOU MUST COMPLY WITH THE CORPORATE WEB ACCESS POLICY BEFORE ACCESSING THE INTERNET. Helvetica. sans-serif" size="4" color="Red">INTERNET USAGE IS MONITORED AND LOGGED. a Blue Coat compliance page appears explaining the company’s usage policy and the action the user needs to take. Helvetica.

<p>To comply with the Policy. Step 3 To load the policy to your ProxySG. Compliance Page Policy The following presents the policy enabling the compliance page policy. User ID: $(user)'>Customer Service Centre</a></font> <p> </center> </body> </html> The Exception Rule A user-defined exception will be automatically created when you download the policy as explained in the next section. please click <A HREF="$(url)"> here </A> <br> For any comments email <A href='support@bluecoat. you may want to modify the warning screen to use your own message. open the web management interface.com?subject=Barred web page $(url). The policy can be obtained by going to the following link: http://techlabs. For example. 4.policyexample. Go into Configuration | General | Archive 3 Technical Brief . The policy is processed as follows: The policy compliance page policy intercepts all HTTP requests to HTML content The request is checked to identify if the user has already complied to the policy Redirect user to compliance.bluecoat.bluecoat. 2. user requests http://requestedurl?comply.zip Step 2 You may need to modify some parameters in the copied policy to customize the desired effect for your environment. deny the user and display the built in error page If the user has already complied to the policy. 3. IP address: $(client. the user http://requestedurl is redirected and the cookie is set to ‘comply’ for the requestedurl Implementing a Blue Coat Compliance Policy There are four simple steps to deploy this policy: 1.com/policy/config_compliance.com/?comply://requestedurl Check if user presents the cookie ‘comply’ If user presents the cookie ‘comply’ then we redirect the user to http://requestedurl?comply Else. Download and save the pre-defined Blue Coat Policy Modify the policy to meet you requirements Open the Blue Coat management console to the archive page Install the policy and review results Step 1 Copy the following pre-defined Blue Coat policy on to your local PC.address).

Then click on the button Install from Installation Configuration from Local File. You will see the following screen. Then select the policy file that you previously saved to your PC. 4 Technical Brief .

however. Conclusion The Blue Coat ProxySG allows a security administrator to create a compliance page that ensures that all users read and understand the company’s corporate use policies when accessing the Internet. All rights reserved worldwide.2250 Fax • www. Inc.30BCOAT • 408. Contact Blue Coat Systems • 1. The compliance page can be customized to provide the reader with corporate updates. Once the policy is installed. you are ready to test and review the results. Information contained in this document is believed to be accurate and reliable.com 5 Technical Brief . network outages. Once users have reviewed the written policy.220. Specifications are subject to change without notice.866. Check for any installation errors and correct. they can click on the designated button to proceed and access Web sites according to defined policy on the ProxySG.Step 4 Click on Install at the bottom of the above screen to save and install the policy. Blue Coat is a registered trademark of Blue Coat Systems. Copyright ©2004 Blue Coat Systems. No part of this document may be reproduced by any means nor translated to any electronic medium without the written consent of Blue Coat Systems.bluecoat. assumes no responsibility for its use. Blue Coat Systems. Inc. and worldwide. Inc. in the U.S.2200 Direct • 408. Inc.220. or other information as well. All other trademarks mentioned in this document are the property of their respective owners.