Help Center
Quick Start
- Overview
- System requirements
- Minimum privileges required
- Default port configuration
- Installing DataSecurity Plus
- Uninstalling DataSecurity Plus
- Starting DataSecurity Plus
- Launching DataSecurity Plus
- Configuring your solution
- Licensing details
- Applying a license
File Auditing
- About File Auditing
- Domain configuration
- File server configuration
- Failover cluster configuration
- NetApp server configuration
- Workgroup configuration
Setting up File Audit
Dashboard
Reports
Alerts
Configuration
Storage Configuration
File Analysis
- About File Analysis
- On-Demand Reports
Setting up File Analysis
Dashboard
Reports
Alerts
Configuration
Data Risk Assessment
- About Data risk assessment
Setting up Data risk assessment
Dashboard
Reports
Ownership analysis
Configuration
Endpoint DLP
- About Endpoint DLP
Setting up Endpoint DLP
Reports
Alerts
Prevention policies
Configuration
Cloud Protection
- About Cloud Protection
- Gateway Server Configuration
- Certificate Authority Configuration
- Gateway Configuration in Endpoint
- Manage Certificate Trust Store
- Threat Analytics Database
- Manage Banned Applications
- Manage Authorized Applications
- Gateway Server Failover
- Two-way SSL configuration
- Global Insight
- Application Insight
- User Insight
- Shadow Application Insight
- Banned Application Insight
- Cloud App Discovery
- Cloud Access Reports
- Application Insights
- Shadow Cloud Application Reports
- Banned Cloud Application Reports
- File Upload & Download Reports
Setting up Cloud Protection
Dashboard
Reports
Control Policies
Storage Configuration
Administrative settings
- Technician configuration
- Notification filters
- Manage agent
- Agent settings
- SIEM integration
- Business hours configuration
- Two-factor authentication
- Workgroup configuration
- Security policy
Email configuration
General settings
- Connection
- Personalize
- DataSecurity Plus Server
- Privacy Settings
- Disk utilization
- Schedule Retention Policy
Policy Configuration
Release notes
2024
2023
2022
2021
2020
2019
2018
2017
2016
2015
Troubleshooting
- HTTP communication failure
- Dormant DataEngine
- Secure Gateway server failure
- RPC communication failure
- Known issues and limitations
- Known errors and solutions
Guides
- Agent document
- How to Migrate/Move DataSecurity Plus
- How to apply SSL certificate
- How to automate DataSecurity Plus database backup
- How to set alerts in DataSecurity Plus
- How to secure your DataSecurity Plus installation
URL Filtering
DataSecurity Plus' Cloud Protection module offers URL filtering as one of its control policies to manage the use of cloud applications. You can use default or custom policies to apply various criteria that can help you implement different control policies—such as restricting access to cloud applications and domains, preventing file downloads or deletions from cloud storage services, and more.
By default, multiple policies are preconfigured, each containing different services and applications that are commonly restricted by organizations. You can enable these policies as per your requirements. In addition, you can also create custom policies to restrict specific cloud applications.
Creating a URL filtering policy
Follow these steps to configure a custom URL filtering policy:
- Select Cloud Protection from the modules drop-down menu at the top.
- Go to Configuration > Control Policies > URL Filtering.
- Click +Add Policy.
- Enter a suitable Policy Name and Policy Description.
- Assign a Tag. Tags can be used to group policies based on the category of web app.
- Choose when you want the URL filter to be applied:
- Request: The filter will be processed before the request is sent to the original server.
- Response: The filter will be processed before the response from the original server is sent to the client.
- Define the required criteria. Refer to the Defining criteria in URL filtering policies section in this page for information on how to define the criteria.
- Choose a response action.
- Click Save.
Viewing and editing configured policies
Follow these steps to view and edit all configured policies:
- Select Cloud Protection from the modules drop-down menu at the top.
- Go to Configuration > Control Policies > URL Filtering.
- You can find both default policies and custom policies listed here.
- Click the Enable or Disable icon under the Actions column to enable or disable them.
- Click the Edit icon under the Actions column to edit the policy configuration.
Note: Default policies cannot be edited or deleted. However, users can create and edit copies of it by following these steps:
- Choose a default policy you'd like to edit, and click the corresponding Edit icon under the Actions column.
- On the pop-up page that opens, click the Duplicate link at the top.
This will create an editable copy of the existing policy.
Defining criteria in URL filtering policies
When creating a new URL filtering policy, you have to add criteria that needs to be satisfied for the filter to be applied. These criteria can be configured based on various parameters. Refer to the table below for the list of available parameters and their description.
Parameter | Description |
Domain | Provide the domain names, such as spotify.com. |
Request URI | Provide the complete request URI, such as https://instagram.com/feed.html#profile, or the path. |
Request Method | Provide request methods, such as GET, POST, PUT, and other methods. |
Request Headers Content Type | Provide the request headers content type, such as application/json or other content types. |
Request Referrer | Provide request referrers such as https://www.netflix.com/browse. |
Request Headers | Provide custom request headers such as Content-Length or User-Agent. |
Response Code | Provide response codes such as 200, 204, 301, or other status codes. |
Response Headers | Provide custom response headers such as Content-Type and Content-Length. |
You can choose to configure criteria based on one or multiple parameters as mentioned above. To configure criteria based on multiple parameters, you must define a Condition Type. Refer to the examples below for an understanding of each Condition Type:
All conditions
When you select All conditions, the filter will be applied only when all the created parameter conditions are satisfied.
Example scenario: Prevent employees from deleting files on OneDrive.
- Select All conditions as the Condition Type.
- Select Domain equals to api.onedrive.com as the first parameter.
- Select Request Method equals to DELETE as the second parameter.
- Select Block as the Response Action.
Now, when a user accesses OneDrive and then tries to delete a file, the action will be blocked.
Any condition
When you select Any condition, the filter will be applied when any one of the created parameter conditions is satisfied.
Example scenario: Prevent employees from using Facebook or Instagram.
- Select Any condition as the Condition Type.
- Select Domain equals to facebook.com as the first parameter.
- Select Domain equals to instagram.com as the second parameter.
- Select Block as the Response Action.
Now, when a user accesses either Facebook or Instagram, the action will be blocked.
Advanced
Advanced conditions are handy when you need a combination of All and Any conditions. In such instances, users can create multiple parameters and then choose which parameters should follow which condition type.
Example scenario: Prevent employees from downloading DOCX files from Google Drive or OneDrive.
- Select Advanced as the Condition Type.
- Select Domain equals to drive.usercontent.google.com as the first parameter.
- Select Request Referrer equals to https://onedrive.live.com/ as the second parameter.
- Select Response Headers and type Content disposition equals to .docx as the third parameter.
- Click the edit icon next to Criteria Pattern and type ((1 OR 2) AND 3).
- Select Block as the Response Action.
Now, when a user accesses either Google Drive or OneDrive and then tries to download a DOCX file, the action will be blocked.