Global Settings

Procedure

1. Go to Policies → Global Settings.
2. To enable Dynamic URL categorization, click On.
   TMWS uses Trend Micro URL Filtering Engine to filter URLs. If an accessed URL is not present in the engine's database, TMWS uses Dynamic URL Categorization technology to perform real time categorization of the website based on the website content and HTTP URL.
3. To customize URL warning TTL, type a number and then select the frequency from the drop-down list.

   Note URL Warning TTL specifies the periodic time interval for displaying a warning message.

4. To customize Block with password override TTL, type a number and then select the frequency from the drop-down list.

   Note Block with password override TTL specifies the periodic time interval for displaying a warning message.

5. Configure the HTTPS Inspection section.
   TMWS can decrypt and inspect encrypted content over HTTPS connections to prevent security risks embedded in HTTPS traffic. You can define policies to decrypt HTTPS traffic from selected URL categories to apply configured scanning and filtering rules in the same way as HTTP traffic. For more information, see HTTPS Inspection.

   Important To ensure that TMWS works properly to enforce all configured policy settings to also HTTPS traffic, turn on HTTPS Inspection and enable at least one decryption rule.

   WARNING For Android Devices, TMWS does not decrypt or scan any HTTPS traffic.

   1. To enable HTTPS Inspection, click On.
      The Advanced Settings area appears.
   2. To enable certificate management, click On. By default, this option is enabled.

      Note If you disable certificate management, client devices can access any HTTPS website without checking the server certificate. If a certificate does not pass a certificate validation test, client devices can still choose to access a website through HTTPS connection. A warning screen displays on the client's browser. For more information, see Digital Certificates.

   3. To enable HTTPS tunneling, click On. By default, this option is enabled.

      Note TMWS allows administrators to maintain a list of trusted domains, whose HTTPS traffic will always be accessible by end users without being decrypted and inspected. For more information, see HTTPS Tunnels.

   4. Click the links to download and deploy the default TMWS root CA certificate (current_ca_cert.cer for on-premises gateway use and current_cloud_ca_cert.cer for cloud proxy use) for the client browsers of end users. For details about how to deploy the root CA certificate on a client device, see TMWS Certificate Deployment.
6. Configure the Safe Search Engine Settings section.
   TMWS integrates with popular search engines and online services, including Google, Yahoo, Bing, and YouTube, to leverage their Search Safety feature.

   Select On or Off for each search engine or online service.

   Important For Safe Search to work properly, Verify that the search engines and online services are not in the proxy bypass list of the PAC file in use or the Approved URLs list. Ensure that the HTTPS traffic from search engines and online services can be decrypted by HTTPS Inspection.

7. (For Japan only) View the Static Outbound IP Setting section.
   For more information, see Static IP Addresses for the Outbound Traffic.
8. Click Save.