The settings of the profiles in the Security tab
Last adaption: 11.2022
notempty
This article refers to a Resellerpreview
Partial configuration for profiles in the Mobile Security Portal.
Further information is displayed here:
- MS/deployment/profile (transclusion) (← links)
- MS/deployment/profile/sicherheit (transclusion) (← links)
- MS/deployment/profile-Device (transclusion) (← links)
Numerous settings are configured, that control the security of web applications.
Configuration by clicking on Activate security
Operation | Default | Description | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Protocol | TCP | Protocol used for VPN tunnel. TCP or UDP | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Portfilter Type | Open | Filter network traffic based on network ports.all ports are open | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Closed | Only port 80 (http) and 443 (https) are enabled. | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Selection | Port filter rule selection: Specify which port collections are open for network traffic:
| |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
SSL interception | Default | Defines whether or not to intercept SSL traffic. The default value is to intercept traffic based on content filter response. | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Content-Filter Allowlist | Add entries | Click box: Web pages that are to be added to a allowlist. Possible entries: Contentfilter | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Content-Filter Blocklist | Add entries | Click box: Websites that are to be added to a blocklist. | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Disable for SSIDs | Add SSIDs | Enter WLAN SSIDs for which the security features shall be disabled. | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Disable for IP addresses | Add IPs | IP addresses or networks can be entered for which the security functions are to be deactivated, i.e. the individual host 192.0.2.192/32 or the entire subnet 192.0.2.0/24. For address blocks with less than three digits, a dot must be entered or navigated within the mask using the cursor keys. | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Allow Suspend Always-On-VPN | Allows the user to temporary disable the VPN-Connection. If not activated manually, the VPN will resume at a time chosen by the user. | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Allow other VPN profiles | Allows adding other VPN profiles in addition to the security profile | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Exclude local WLAN from VPN | If enabled, a route is added that excludes the local WLAN IP range from the tunnel. |