Domain Filtering Configuration Guide

Enabling Domain Filtering will increase your monthly invoice.

The Domain Filtering feature is part of our Advanced Firewall which includes Threat Analysis, Country Blocking, and Domain Filtering for a single price. Please contact sales (AT) uplevelsystem.com with any questions about add-on features. 

Overview

Domain Filtering allows you to control and restrict access to specific website categories and domains across your network. This feature helps maintain network security, improve productivity, and ensure compliance with organizational policies.

Accessing Domain Filtering

Navigate to Portal > Firewall > Domain Filtering to access the Domain Filtering configuration page.

Initial Setup

Step 1: Enable Domain Filtering

1. Check the Enable Domain Filtering checkbox to activate the feature
2. This will enable the filtering engine across your selected network groups

Step 2: Configure Filter Settings

The Filter section contains three main configuration areas:

Block Categories

• Click the arrow next to "Block Categories" to access the comprehensive list of website categories
• Select categories you want to block (e.g., Alcohol, Dating, Social Networking, etc.)
• Categories include:
  • Security-focused: Malware, Phishing/Fraud, Spyware and Malicious Sites
  • Productivity: Social Networking, Entertainment, Games, Shopping
  • Content-based: Adult content, Violence, Weapons, Illegal Drugs
  • Communication: Chat/IM, Web-based Email
  • Business: Job Search, Finance, News, Education

Block Domains

• Add specific domains to block beyond the selected categories
• Enter individual domain names or URLs
• Use <none> if no specific domains need blocking

Allow Domains

• Whitelist specific domains that should always be accessible
• Overrides category-based blocking for specified sites
• Use <none> if no specific domains need whitelisting

Step 3: Save Category Selections

After selecting your desired categories in the categories panel:

1. Review your selections
2. Click Save to apply the category filters
3. Click Cancel to discard changes

SSL Certificate Management (Keys Section)

Main Access Key

• Purpose: Primary SSL certificate for domain filtering
• Description: "This is the main override key that never expires"
• Usage: Install on client devices for seamless HTTPS filtering and whitelabeled block pages (optional)

Temporary Access Key

• Purpose: Provides temporary unfiltered internet access
• Duration: Valid for one week from creation
• Use Case: Special engagements or situations requiring temporary full internet access
• Security: Automatically expires after 7 days

Certificate Installation Instructions

• Click the "Instructions" section for detailed guidance on:
  • How to install certificates on customer devices
  • Platform-specific installation procedures
  • Troubleshooting certificate issues

Group Configuration

Filter Groups

Configure which network segments should have domain filtering applied:

• Employees: Standard user access with filtering
• Guest: Limited access for visitor networks
• Boss: Executive access levels
• VoIP: Voice over IP devices (typically no filtering needed)

Important Notes:

• DNS is pushed via DHCP to devices in selected groups. If you are using Static IPs on the LAN you will need to add 52.42.29.159 as your DNS Servers.
• Consider excluding VLANs that don't require filtering (VoIP, IoT devices)
  

Category Selection

• Start with essential security categories (Malware, Phishing, Adult content)
• Gradually add productivity-related categories based on organizational needs
• Regularly review and adjust categories based on business requirements

Monitoring and Maintenance

• Monitor filtering effectiveness through the Statistics tab
• Review blocked/allowed domain lists periodically
• Update group assignments as network topology changes