New pages

Jump to navigation Jump to search
New pages
Hide registered users | Hide bots | Show redirects
(newest | oldest) View ( | older 50) (20 | 50 | 100 | 250 | 500)
  • 12:55, 14 October 2022Firewall: Rules & Policies (hist | edit) ‎[197 bytes]Steve (talk | contribs) (Created page with "{{Stub}} Category:Product Manuals")
  • 12:55, 14 October 2022Firewall (hist | edit) ‎[37 bytes]Steve (talk | contribs) (Created page with "{{Stub}} Category:Product Manuals") Tag: Visual edit: Switched
  • 17:22, 13 October 2022Whitelisting websites and their content (hist | edit) ‎[5,977 bytes]Steve (talk | contribs) (Created page with "Whilst we endeavor to make our filters as accurate as possible, no filtering system is perfect and sometimes you want to completely disable the filters for certain websites that you know are safe so as to avoid the inconvenience of it being inadvertently blocked. For example, educational sites that are often used by your teachers and students, which have been reviewed and deemed safe enough for you to turn off the filtering. This can be further complicated when objects...") Tag: Visual edit
  • 17:12, 13 October 2022Whitelisting embedded MathsWatch videos (hist | edit) ‎[1,944 bytes]Steve (talk | contribs) (Created page with "[https://mathswatch.co.uk MathsWatch] is a set of mathematics resources available to schools and colleges, which includes a virtual learning environment containing embedded videos. The videos themselves are hosted on the Vimeo platform, which unfortunately also contains content which is unsuitable for children. Most schools therefore prefer to block their students' access to Vimeo. Rather than having to manually whitelist the individual videos, Web Gateway and UTM all...") Tag: Visual edit
  • 16:52, 13 October 2022Using the Policy Modelling reports (hist | edit) ‎[242 bytes]Steve (talk | contribs) (Created page with "This tutorial video shows how to use the Policy Modelling reports to see a configuration summary and drill down to understand why that configuration is being applied. <center><youtube>urwQgQUGpdE</youtube></center>") Tag: Visual edit: Switched
  • 16:51, 13 October 2022Restrict iOS Updates (hist | edit) ‎[1,822 bytes]Steve (talk | contribs) (Created page with "Apple iOS updates vary from a few hundred megabytes to a few gigabytes, and whilst the occasional update isn't a problem, a few hundred users all downloading a new version of iOS at the same time can congest your internet connection and slow down more essential traffic . To combat this, you may want to limit who can download iOS updates on your network, and block iOS updates from being downloaded during certain time periods. Web Gateway and UTM allow you to easily set t...") Tag: Visual edit
  • 16:45, 13 October 2022Audit what images your users are viewing (hist | edit) ‎[467 bytes]Steve (talk | contribs) (Created page with "Web Gateway and UTM have the ability to produce an at-a-glance report showing a snapshot of the images that a user has been looking at. With these reports you can quickly spot questionable content which might otherwise have been missed. The images reports are also great for the unfortunate situation where you need to present evidence that someone has been misusing the school's computers. <center><youtube>Cv5yaS-Zkd0</youtube></center> Category:How-To Guides") Tag: Visual edit
  • 16:36, 13 October 2022Allowing Facebook, without allowing other social networking sites (hist | edit) ‎[5,310 bytes]Steve (talk | contribs) (Created page with "Today we're looking at a reasonably common situation: administrators often want to allow their users to use Facebook, without opening the floodgates and allowing access to every other social networking website. There are a couple of methods of doing this, and we'll discuss both and explain the advantages and disadvantages of each. We're using Facebook as an example here, but you can adapt these steps to other websites and categories as you see fit. This is the first in...") Tag: Visual edit
  • 16:13, 13 October 2022PSI Secure Browser/ContactLog/2022-03-24 (hist | edit) ‎[3,884 bytes]Steve (talk | contribs) (Created page with "{{Contact Log|vendor=PSI|date=2022-03-24|direction=sent}} We are an online safety supplier to British schools, providing web filtering and firewalling systems. We have a number of customers who use your PSI Secure Browser software to deliver exams. The schools have a statutory requirement to do appropriate filtering and monitoring of their internet connections. Unfortunately they have been provided with very little information regarding firewalling / filtering change...")
  • 16:07, 13 October 2022Puffin Academy/ContactLog/2016-07-07 (hist | edit) ‎[656 bytes]Steve (talk | contribs) (Created page with "{{Contact Log|vendor=CloudMosa|date=2016-07-07|direction=received}} We believe using IP address to whitelist Puffin Academy is the easiest way to make things work for the most of the schools. That's the officially recommended solution. Starting from 2016/04, the IP ranges become stable. They will remain unchanged for the coming years (best efforts). Please understand, for user privacy and data integrity, MITM-like communication is a kind of security threat that will...")
  • 15:44, 13 October 2022Puffin Academy/ContactLog/2016-07-06 (hist | edit) ‎[1,750 bytes]Steve (talk | contribs) (Created page with "  We supply web filters to schools across the UK, some of whom are also using the Puffin Academy app. I note that you provide a list of IP addresses to allow through the firewall, but it would be preferable if schools did not need to add IP addresses (which may change from time to time) to their firewall. I have analysed the network traffic from Puffin Academy and identified a couple of problems. I hope that you would consider adjusting the app to accommodate them, wh...")
  • 15:29, 13 October 2022WeChat (hist | edit) ‎[205 bytes]Steve (talk | contribs) (Created page with "== Status == Fully working, with additional configuration. == Configuration == Allow the ''WeChat'' firewall bundle on the Egress page. Category:Third Party Software Compatibility") Tag: Visual edit
  • 15:27, 13 October 2022Twitter App (hist | edit) ‎[1,088 bytes]Steve (talk | contribs) (Created page with "== Status == Fully working but requires additional configuration which reduces the system's filtering capabilities. == Configuration == Enable the ''App: Twitter'' Override. Note that this will also disable HTTPS decryption for the Twitter website with a corresponding reduction in filtering and reporting capabilities. It is therefore recommended that the override is only enabled on wifi networks and that proper consideration is given to the risks....") Tag: Visual edit
  • 15:26, 13 October 2022TeamViewer (hist | edit) ‎[901 bytes]Steve (talk | contribs) (Created page with "== Status == Fully working, with additional configuration. == Configuration == Allow the ''TeamViewer'' firewall bundle on the Egress page. == Detail == TeamViewer tunnels non-HTTPS traffic through the proxy. Since the traffic is not HTTPS, it must be excluded from HTTPS decryption. Unfortunately, whilst some of TeamViewer's connections are to the teamviewer.com domain, it also makes connections to arbitrary IP addresses without specifying a host...") Tag: Visual edit
  • 15:23, 13 October 2022Snapchat App (hist | edit) ‎[1,082 bytes]Steve (talk | contribs) (Created page with "== Status == Fully working but requires additional configuration which reduces the system's filtering capabilities. == Configuration == Enable the ''App: Snapchat'' Override. Note that this will also disable HTTPS decryption for many other apps that use Google's Appspot platform and significantly reduce the system's ability to filter them. == Detail == The Snapchat app does not utilise the device's trusted certificate store and therefore HTTPS decry...") Tag: Visual edit
  • 15:19, 13 October 2022Qustodio Parental Control App (hist | edit) ‎[1,356 bytes]Steve (talk | contribs) (Created page with "== Status == === Android === Fully working with standard configuration. === iOS === Fully working with additional configuration. However, '''the app completely bypasses the Opendium filtering'''. === Windows, Mac OS X, Kindle and Nook === {{Not tested}} == Configuration == === Android === Ensure that the ''Essential Services'' Override is enabled. Note: we recommend that this override is always enabled (this is the default). === iOS === * Allo...") Tag: Visual edit
  • 15:14, 13 October 2022Puffin Academy (hist | edit) ‎[1,516 bytes]Steve (talk | contribs) (Created page with "== Status == Fully working, with additional configuration (listed below). == Configuration == * Allow the ''Puffin Academy'' firewall bundle on the Egress page. * Ensure that the ''Disable HTTPS Decryption'' Override is enabled. Note: we recommend that this override is always enabled (this is the default). == Detail == Puffin Academy makes HTTPS connections which contain an invalid Server Name Indication (*.flashbrowser.com) an...") Tag: Visual edit
  • 15:02, 13 October 2022PSI Secure Browser (hist | edit) ‎[3,126 bytes]Steve (talk | contribs) (Created page with "== Status == We cannot guarantee that PSI Secure Browser will work through an Opendium system. When a school reports problems using this software, we are usually able to work with them to adjust their configuration to allow it to work, but in our experience it is very likely to stop working again in the future. == Configuration == No configuration required. == Detail == PSI Secure Browser is a piece of software used by exam boards such as [https://abrsm.org ABRSM], to...") Tag: Visual edit
  • 14:43, 13 October 2022Google Family Link Parental Control App (hist | edit) ‎[692 bytes]Steve (talk | contribs) (Created page with "== Status == === Android === Family Link for children & teenagers: Fully working with standard configuration. Family Link for parents: Fully working with standard configuration. === Other Platforms === Not tested. == Configuration == === Android === Ensure that the ''Essential Services'' Override is enabled. Note: we recommend that this override is always enabled (this is the default). == Detail == === Android === Google Family Link does not ut...") Tag: Visual edit
  • 14:27, 13 October 2022Facebook App (hist | edit) ‎[1,421 bytes]Steve (talk | contribs) (Created page with "== Status == Fully working but requires additional configuration which reduces the system's filtering capabilities. == Configuration == Enable the ''App: Facebook'' Web Override. Note that this will also disable HTTPS decryption for the Facebook website with a corresponding reduction in filtering and reporting capabilities. It is therefore recommended that the override is only enabled on wifi networks and that proper consideration is given to the ri...") Tag: Visual edit
  • 13:59, 13 October 2022Why Decrypt HTTPS? (hist | edit) ‎[3,623 bytes]Steve (talk | contribs) (Created page with "The vast majority of web traffic is now encrypted, and by installing a certificate onto client devices, Opendium systems are able to decrypt and inspect that traffic. In the wider IT community, whether or not traffic should be subject to decryption is a contentious issue, with serious ramifications for privacy, detection of crime and democracy. We believe that it is important to make a distinction between adults, who society expects to be responsible for themselves, be...") Tag: Visual edit
  • 12:21, 13 October 2022Appropriate Filtering for Education Settings (hist | edit) ‎[25,010 bytes]Steve (talk | contribs) (Created page with "Schools and colleges in the UK are required to establish appropriate levels of filtering to ensure children are provided with safe access to the internet without over blocking. Schools and colleges in England, Wales and Northern Ireland must adhere to the Department for Education's [https://www.gov.uk/government/publications/keeping-children-safe-in-education--2 Keeping Children Safe in Education] statutory guidance, whereas in Scotland the requirements are laid down by...") Tag: Visual edit
  • 11:53, 13 October 2022Apple iOS Configuration (hist | edit) ‎[3,587 bytes]Steve (talk | contribs) (Created page with "== One-to-one devices == This section covers devices which are always used by the same user, such as devices deployed in a one-to-one arrangement or bring your own device. Scroll down for information regarding shared devices. * If possible, configure your wireless network to use 802.1x (WPA-Enterprise) authentication and to RADIUS#Linking%20a%20network%20access%20controller%20to%20the%20Opendium%20system|send RADIUS accounti...") Tag: Visual edit
  • 11:39, 13 October 2022Microsoft Windows Configuration (hist | edit) ‎[14,508 bytes]Steve (talk | contribs) (Created page with "== One-to-one devices == This section covers devices which are always used by the same user, such as devices deployed in a one-to-one arrangement or bring your own device. Scroll down for information regarding Shared devices and Multiuser servers. * If possible, configure your wireless network to use 802.1x (WPA-Enterprise) authentication and to RADIUS#Linking%20a...") Tag: Visual edit
  • 10:45, 13 October 2022Apple OS X Configuration (hist | edit) ‎[4,881 bytes]Steve (talk | contribs) (Created page with "==One-to-one devices== This section covers devices which are always used by the same user and not connected to your Windows domain, such as devices deployed in a one-to-one arrangement or bring your own device. Scroll down for information regarding Shared devices and Multiuser servers. * If possible, configure your wireless network to use 802.1x (WPA-Enterprise) authentication an...") Tag: Visual edit
  • 11:34, 12 October 2022Android Configuration (hist | edit) ‎[5,894 bytes]Steve (talk | contribs) (Created page with " ==Important note: compatibility with safeguarding obligations== In July 2016, Google [https://android-developers.googleblog.com/2016/07/changes-to-trusted-certificate.html announced] that Android applications would no longer trust any certificates which are installed by the user. This limitation cannot be overridden by the user, nor by the administrator of devices that are managed through an MDM. This limitation does not ''currently'' affect web browsing from Android...") Tag: Visual edit
  • 10:22, 12 October 2022Mail: The Anonymous Group (hist | edit) ‎[1,749 bytes]Steve (talk | contribs) (Created page with "The ''Anonymous'' group is used in any situation where a suitable group for the sender or recipient cannot be found. For the sender: * If the sender's address is from the Opendium server's primary or secondary domains and the user exists on the system, the user's groups are used. * If the sender's IP address is contained in any of the networks set up in Users & Groups, the appropriate networks' groups are used. * For everything else, the sender is deemed to be in t...") Tag: Visual edit
  • 10:18, 12 October 2022Mail: Reports (hist | edit) ‎[1,645 bytes]Steve (talk | contribs) (Created page with "Each mail that passes through the system is tracked from the point at which the server received the email until it is delivered to a local user or a remote server. This information is available in the ''Mail'' subsection of the ''Reports'' tab. == Logs == alt=Mail logs report screenshot|thumb|Mail logs report screenshot After clicking ''Logs'', you can enter the search criteria to use - you can leave any or all of the boxes blank if you don...") Tag: Visual edit originally created as "Mail Reports"
  • 10:14, 12 October 2022Mail: Redirection (hist | edit) ‎[1,653 bytes]Steve (talk | contribs) (Created page with "Sometimes, some or all of the users store their mail on separate internal email servers and the Opendium server needs to be set up to forward their mail to those servers rather than delivering it to local mail boxes. This can be configured on a per-group basis in the ''Redirection'' subsection of the ''Mail'' tab. These are heritable settings (see Group Inheritance). If you are not sure which settings would be applied to a user, look at the Mail Policy Modelling...") Tag: Visual edit originally created as "Mail Redirection"
  • 09:41, 12 October 2022Mail: Domains (hist | edit) ‎[607 bytes]Steve (talk | contribs) (Created page with "When your server was installed, we will have configured it to handle email for your primary domain. If you have any extra domains that you use, you can configure them as secondary domains in the ''Domains'' subsection of the ''Mail'' tab. When a secondary domain is configured, you can optionally set the system to automatically modify any emails it receives to that domain so that the recipient's address is changed to the primary domain. This is useful when the mail wil...") Tag: Visual edit originally created as "Mail Domains"
  • 09:38, 12 October 2022Mail: Aliases & Mailing Lists (hist | edit) ‎[3,327 bytes]Steve (talk | contribs) (Created page with "It is sometimes necessary to provide an email address that redirects to a configurable user or set of users. For example, you may want a fixed address such as itsupport@example.com for mails to the person who handles IT support requests for your organisation, which stays the same irrespective of changes in the responsibilities of the staff. Rather than having an "itsupport" user, it is often preferable to simply deliver mail that was sent to that address to a specific...") Tag: Visual edit originally created as "Mail Aliases & Mailing Lists"
  • 09:33, 12 October 2022Mail (hist | edit) ‎[445 bytes]Steve (talk | contribs) (Created page with "Opendium systems have an optional email Server module, which provides a full featured mail server with built in content filtering, allowing you to filter your users' email for spam, viruses and any questionable content. Users' email is available to them via IMAP, and through a web mail interface. Users' email can also be forwarded on to another mail server whilst still making use of the mail filtering features.")
  • 12:25, 11 October 2022Group Inheritance (hist | edit) ‎[11,237 bytes]Steve (talk | contribs) (Created page with "Opendium systems have a powerful grouping mechanism which is configured on the Users & Groups page, with groups organised into a tree, and users, networks and individual computers assigned to one or more of the groups. Settings, such as web filtering, permissions, etc. can be set on each group and by default are inherited by the groups, users and networks within. This is a very flexible approach, allowing global configuration to be set for the root ''Everyone'' grou...") Tag: Visual edit
  • 12:17, 11 October 2022Policy Modelling (hist | edit) ‎[767 bytes]Steve (talk | contribs) (Created page with "If you want to double check which settings are in force for a certain user on a certain device, look no further than the Policy Modelling reports. These provide a summary of the settings that various parts of the system will use after the whole group tree, the virtual groups and (where appropriate) the time periods have been taken into account. By clicking the + next to each setting, you can see a graphical representation of how it was derived from the underlying config...") Tag: Visual edit
  • 12:06, 11 October 2022Web: Reports (hist | edit) ‎[5,034 bytes]Steve (talk | contribs) (Created page with "Comprehensive logs are kept by the system, allowing you to easily audit your users' web traffic. All of the reports can be viewed in the ''Web'' subsection under the ''Reports'' tab. As some reports involve processing a large amount of data and can take a while to generate, you can click the ''Send This Report by Email'' button at any time to have the system automatically email you when it is complete. PDF and CSV versions of many of the reports can also be produced b...") Tag: Visual edit originally created as "Web Reports"
  • 11:40, 11 October 2022Web: Permissions & Limits (hist | edit) ‎[11,261 bytes]Steve (talk | contribs) (Created page with " Category:Product Manuals A number of general permissions can be set for each group in the ''Permisions & Limits'' subsection of the ''Web'' tab. These are heritable settings (see [https://docs.opendium.com/Group%20Inheritance Group Inheritance]). If you are not sure which settings would be applied to a user, look at the [https://docs.opendium.com/Web%20Policy%20Modelling Policy Modelling] report. These settings will also be inherited by all the descendent groups,...") Tag: Visual edit originally created as "Web Permissions & Limits"
  • 16:51, 10 October 2022Filtering Rationale (hist | edit) ‎[7,095 bytes]Steve (talk | contribs) (Created page with " Web Gateway and UTM use multiple technologies to categorise websites, including, but not limited to, our proprietary real time content analysis engine and a large database of web addresses. A selection of predefined categories are included, which receive hourly automated updates. Our customers are in complete control of their filters and are able to modify the predefined categories or create new custom categories from scratch. Customers can choose which categories of...") Tag: Visual edit: Switched
  • 16:25, 10 October 2022Web: Filtering (hist | edit) ‎[10,143 bytes]Steve (talk | contribs) (Created page with "Opendium systems analyse each web request in a variety of ways to heuristically categorise it. In addition to analysing unencrypted traffic, encrypted HTTPS traffic will be decrypted, analysed and filtered in real time. The traffic can be restricted based on the categorisation that the system has determined for each web request. The web filter works on three levels: * Blocked Categories - This is the primary method of filtering....") Tag: Visual edit originally created as "Web Filtering"
  • 12:30, 10 October 2022Web (hist | edit) ‎[4,040 bytes]Steve (talk | contribs) (Created page with "Opendium systems allow you to control and audit your users' access to the world wide web. This is done by passing all web traffic through a proxy server, which analyses each web request in a variety of ways to heuristically categorise it. In addition to analysing unencrypted traffic, the system will decrypt, analyse and filter encrypted HTTPS traffic in real time. The traffic can be restricted based on the categorisation that the system has determined for each web req...") Tag: Visual edit originally created as "Web Proxy"
  • 12:06, 10 October 2022RADIUS (hist | edit) ‎[5,199 bytes]Steve (talk | contribs) (Created page with "Opendium systems provide RADIUS authentication and accounting services. With the help of network access controllers, such as your wifi controller, a single sign-on service can be provided for single user devices. For example, people bringing their own smartphones and tablets will only need to enter their credentials once in order to join the wifi network, rather than having to log onto the wifi network and then separately log onto the web proxy. We recommend that netw...") Tag: Visual edit
  • 11:02, 10 October 2022Network Topology (hist | edit) ‎[4,301 bytes]Steve (talk | contribs) (Created page with " Category:Knowledgebase Opendium systems are designed to operate as gateway devices, situated between your network and the internet. == Opendium system's external connection == Usually one of the Opendium system's network interfaces will be connected to your internet router and another interface connected to your internal networks. If your internet connection is delivered as a PPPoE connection (e.g. ADSL, vDSL/FTTC, FTTP), the Opendium system can terminate the PPP...") Tag: Visual edit
  • 17:24, 7 October 2022Filtering Categories (hist | edit) ‎[9,040 bytes]Steve (talk | contribs) (Created page with " Category:Product Manuals Opendium systems have a central categorisation system that is used to control access to various types of content. When the system is examining content, such as web traffic, it attempts to categorise the content by using the criteria defined for each category. Depending on the system's configuration, the resulting categorisation may be used to block traffic or provide reports on concerning behaviour. Note that it is possible for content to...") Tag: Visual edit
  • 16:27, 7 October 2022Virtual Groups (hist | edit) ‎[5,211 bytes]Steve (talk | contribs) (Created page with " Category:Product Manuals The Virtual Groups system provides an extremely powerful way to make automatic modifications to the settings based on some predefined conditions. For example, you can use virtual groups to relax some of your filters when the sixth form are using workstations in supervised locations. The virtual groups tree is completely separate to the normal groups tree, and can be accessed through the ''Virtual Groups'' tab within Users & Groups. Vir...") Tag: Visual edit
  • 15:00, 7 October 2022User Synchronisation (hist | edit) ‎[4,083 bytes]Steve (talk | contribs) (Created page with "For Opendium systems which are integrated into a Windows network, users should be synchronised from your Active Directory using the User Sync system. This functionality can be accessed through the ''User Sync'', ''User Sync - Deletion'' and ''User Sync Configuration'' tabs within Users & Groups. For Opendium systems which are not integrated into a Windows network, use the Import Users system to bulk import users into the system instead. == Configuration == Con...") Tag: Visual edit: Switched originally created as "User Sync"
  • 14:18, 7 October 2022Import Users (hist | edit) ‎[1,092 bytes]Steve (talk | contribs) (Initial page) Tag: Visual edit
  • 13:45, 7 October 2022Users & Groups (hist | edit) ‎[2,459 bytes]Steve (talk | contribs) (Initial page) Tag: Visual edit originally created as "Users and Groups"
  • 17:53, 6 October 2022Recommended Minimal Configuration (hist | edit) ‎[11,442 bytes]Steve (talk | contribs) (Initial page - to be completed) Tag: Visual edit
  • 18:20, 30 September 2022Installation Requirements (hist | edit) ‎[10,888 bytes]Steve (talk | contribs) (Initial page) Tag: Visual edit
  • 16:44, 30 September 2022User Interface Overview (hist | edit) ‎[2,400 bytes]Steve (talk | contribs) (Initial page) Tag: Visual edit: Switched
  • 15:53, 30 September 2022Opendium Documentation (hist | edit) ‎[3,912 bytes]Steve (talk | contribs) (Initial page) Tag: Visual edit: Switched
(newest | oldest) View ( | older 50) (20 | 50 | 100 | 250 | 500)
Retrieved from ‘https://docs.opendium.com/wiki/Special:NewPages