GAT Shield provides a web filtering option called Site Access Control. This allows admins to block websites to set of users
Shield Alert rules #
Shield also provides a DLP system called Alert Rules. Shield has a few different types of Alert rules
- File download
- Page content inspection
- Google doc inspection
- Visit
- Search
- Device usage
- Location
- IP Address
- ActiveID
Visit Alert rule #
The Visit Alert rule can be set and allow admins to be alerted when users are visiting specific sites.
This can be used as enhancing Site Acess Control as both rules are for Users visiting web pages. With Visit alert, the admin can get alerted when the user visits the webpage set up.
Navigate to Shield → Configuration → Alert rules → Add a rule → Visit
Enable the rule #
A pop-up window will be displayed, fill in the required details.
- Alert rule name – enter the name for the rule
- Active – enable or disable the rule
- Check page URL proximity –
- If checked, addresses that differ from those in the list will be reported. This is used to warn and protect users against being lured onto an important site, like your bank, by a phishing attack. You need to identify your own key sites.
- Page URL Regex – enter the site address or Regex of addresses
Regex example: #
(pinterest.com|reddit.com|instagram.com|facebook.com) – the 4 sites will be blocked
http(s|)?:\/\/(?!sketch)([-\w].*\.io)(?!sketch)\S* – ALL .io Sites will be blocked (alert shown), except sketch.io
.io – All sites ending with .io will be blocked
blocked – Alert if the word “blocked” is in URL of site
- Report site name – enable if you want to send the visited site name in the alert notification email.
- Scope – select the users, who the rule will be active for, or leave blank for every user where Shield is deployed
- Scope exclusion – enter the users to be excluded from the Alert
- End-user action – select any of the options available
- Display warning message
- Display warning message and close the browsing tab
- Display warning message and redirect
- Redirect URL – enter the redirect
- None
- Warning message – enter the warning message
- Alert recipients – enter the recipients of the alert
- Screen capture – select any of the options
- Do not report
- Only send the picture as an attachment in the alert notification email
- Send in email and save in rule creator’s Drive
- Send in email, save in rule creator’s Drive, and share with other alert recipients
- Webcam capture – this feature must be enabled in the Admin console
- Do not report
- Only send the picture as an attachment in the alert notification email
- Send in email and save in rule creator’s Drive
- Send in email, save in rule creator’s Drive, and share with other alert recipients
Click on the Save button when the Alert is ready.
Result #
When the alert is created the end-users (under Scope) will be affected by the rule.
When the user visits one of the specified sites in the Page URL Regex field, they will see a warning message and be redirected to the chosen page.