Advanced Settings let you enable various advanced security settings including Umbrella's intelligent proxy, which gives Umbrella the ability to intercept and proxy requests for malicious files embedded within certain so-called "grey" domains. With the intelligent proxy, if a site is considered potentially suspicious or could host malicious content, we'll return the IP address of the intelligent proxy. The request to that domain is then routed through our cloud-based secure gateway, and malicious content is found and stopped before it's sent to you.
Advanced settings also lets you enable SafeSeach, which gives you access to a feature of the major search engines that restricts and filters explicit images and results.
- Navigate to Centralized Settings > Advanced Settings.
- Click Add a Setting or expand an existing advanced setting.
- Give your Advanced Setting a meaningful name and select options:
- Enable Intelligent Proxy—Allows for URL-based malware filtering for domains with legitimate content where some pages may contain malicious files. For more information about the intelligent proxy, and exactly how it works, including key information about enabling HTTPS inspection, see Enable the Intelligent Proxy.
- Enable IP-Layer Enforcement—(Roaming Computer identities only.) Available when the intelligent proxy is enabled. Tunnels suspect IP connections. To learn more, read this.
- SSL Decryption—Available when the intelligent proxy is enabled. Inspects HTTPS traffic. To learn more, read this.
If you select SSL Decryption, click Download Certificate.
You must download and install the Cisco root certificate. For more information, see Cisco Certificate Import Information.
- Enforce SafeSearch—SafeSearch is a feature of the major search engines that restricts and filters explicit images and results. Umbrella provides the ability to enforce traffic to Google, YouTube, and Bing on a per-policy basis. Enabling SafeSearch here enables it in org policies and results in an org's search engine results being free of pornographic and other offensive content. For more information about Umbrella's support of SafeSearch, see our Umbrella docs.
Logging settings are:
- Log All Requests—Full logging, whether for content, security or otherwise.
- Log Only Security Events—Security logging only, which gives your users more privacy. This is a good setting for people with the roaming client installed on personal devices.
- Don't Log Any Requests—Disable all logging. If you select this option, most reporting for identities with this policy will not be helpful as nothing is logged to report on.
- Click Continue.
- Select the customers with whom you want to share these advanced settings and click Continue.
When shared with a customer, these settings become available in the customer's Umbrella dashboard and can be selected when configuring policies. You can also choose not to share a destination list with customers. Click Continue without selecting any customers.
- From the Policy Settings page, choose how you would like to have this advanced setting applied to the Umbrella policies of both your existing customers and any new customers you might add. Choose from the following options:
- Set as Default Setting—If selected, this advanced setting will be applied to the default policy of any new customers. This setting is not applied to the default policy of existing customers in Umbrella.
Note: You must always have at least one default advanced setting. An advanced setting that has Set as Default Setting selected cannot be deleted until that setting has been de-selected.
- Apply to Default Policy—When selected, this advanced setting is applied only to the default Umbrella policy of the customers you selected in the previous step—Share with Customers. All other Umbrella policies for the selected customers remain the same.
- Apply to All Policies—When selected, this advanced setting is applied to all of the Umbrella policies for the customers you selected in the previous step—Share with Customers. This includes the selected customers' default policy.
Note: When you select Apply to all Policies, the next time you access this setting it appears that it has reset to Apply to Default Policy. It has not and your Umbrella policies are not changed. Once configured, to change Apply to All Policies to Apply to Default Policy, you must select Apply to Default Policy and click Save & Close.
- Click Continue.
- Review your advanced settings and click Save & Close.
Each link under Summary opens a modal window that lets you view which customers will share this destination list.
Updated over 4 years ago