ΒΆ Modern Workplace Secure Internet Access
Exium Workplace Secure Internet Access provides secure access to public websites and SaaS applications from any location and device. Employees, even in the office, can safely use SaaS apps, web links, and email attachments without compromising their devices. Unlike traditional, multi-product solutions, Exium combines web security, firewall, intrusion detection/prevention, and DNS security into a single, cost-effective service. This service requires deploying Exium's Cyber Gateway at each office location.
ΒΆ Global vs. Local Policies for Users and Devices Connecting via the Cyber Gateway
To enable secure internet access at each workplace location, deploy a Cyber Gateway (CGW). You can easily manage multiple CGWs from a central console, following the instructions for Multiple interface CGW deployment.
Workplace-level policies (e.g., web, geo-location, and threat prevention policies as detailed in the links below) apply to all sites with deployed CGWs.
- Web and SaaS Security
- Threat Prevention with Premium Threat Intelligence and AI
- Geographically-Aware Outbound Traffic Controls
However, Exium also allows for site-specific policies. These local policies override workplace-level policies when conflicts arise. These Local policies described in the next sections will be enforced to the users and devices connecting via the Cyber gateway.
ΒΆ Local Web Categories Policies
If local policesβ web Categories are created on CGW, those web category policies will be applicable, overriding workspace level web categories.
ΒΆ Create Web Category rules
Click on Local Web Category rules
- avigate to the MSP admin console -> Client Workspace
- Click on Sites in the left menu bar β Local Policies β Web Categories as shown in the screen shot below
- Click on create Local or Site level web categories
ΒΆ Local Geo Controls
Define Egress/Outbound Traffic policies at site level which will be applied to all users and devices at that site. To create Egress/Outbound Traffic policies, Follow below steps:
- Navigate to the MSP admin console -> Client Workspace
- Click on Sites in the left menu bar and Click on Local Policies. Click on Geo controls tab.
- Select a Gateway from drop down and click on Create, as shown below
- Select all countries you want to BLOCK egress traffic and click on Update as shown below
After Submit, Egress Geo Controls will be applied on the traffic in near real-time and traffic will be blocked accordingly.
For more details, refer document here
ΒΆ Local Malicious ADs/Domains
When enabled, Exium will block domains that match the threatfeeds or Blocklists outlined in the next section. To manage these settings, please follow these steps:
- Navigate to the MSP admin console -> Client Workspace
- Click on Sites in the left menu bar β Local Policies β Malicious Ads/Domains as shown in the screen shot below
- Select Multi Interface CyberGateway from Drop Down
- Click on Create
- You can then click on βDisableβ or βEnableβ next to the corresponding list name.
- Click on Update after modifying any of list item.
ΒΆ Local Web Filter
If local policesβ web Filter policy rules are created on CGW, those web filter policies will be applicable, overriding workspace level web Filter rules.
ΒΆ Add Web filter rules
- Navigate to the MSP admin console -> Client Workspace
- Click on Sites in the left menu bar β Local Policies β Web Filters as shown in the screen shot below
- Select Multi Interface CyberGateway from Drop Down
- Click on Add Policy to create new policy
- Add name of the policy
- Select source Type ( for specific LAN subnet or all LAN subnets)
- Select Application or Customer domain
- Select Domain to allow to block
- Click on Save
ΒΆ Local Policy View
To access local policy view, click on Policy View under Users and Devices in left menu bar and select User View tab. Select a cyber gateway from drop down as shown below.
To learn more about implementing SASE for your organization and explore tailored solutions that meet your unique requirements, contact Exium at partners@exium.net for a consultation or demonstration.