Knowledge Base

26 articles

Bypassing Office 365

By Microsoft's own admission, Office 365 can be problematic when trying to access Office 365 services through Filtering Software/Proxies. For this, they have a provided a list of URLs/IPs that need t…

Updated 1 year ago by admin

Disable QUIC in Chrome Browser

Enabling the QUIC feature within Google's Chrome browser can prevent accurate visibility reports in the Cloud Application Control Analyze reports section. To disable it, there are two methods you can…

Updated 3 years ago by admin

Prevent Law features for UK organisations

In the UK, the Prevent Law or Prevent Duty , is a duty that certain UK organisations (e.g. schools, government, etc) have to prevent people being drawn into terrorism. To support this, the USS Web Se…

Updated 3 years ago by admin

Unclassified / Uncategorised Site Processing

An Unclassified or Uncategorised Site is a URL that is not yet listed in the Web Categories List and therefore does not have a category assigned for URL reputation. To configure whether Unclassified…

Updated 3 years ago by admin

Censornet Web Filtering Policy and Approach for Education

With over ten years’ experience in the education sector the Censornet platform includes numerous predefined template policies, Rules and keyword dictionaries to simplify implementation and ensure rap…

Updated 1 year ago by admin

List of domains to bypass apps for SSL Interception

If you intend to bypass an app from SSL Interception, you will lose all visibility of that app in the App Analyse report. For some apps, this is the only option to allow them to work. Add the followi…

Updated 2 years ago by admin

Bypass GoToMeeting & LogMeIn

Newer Cloud USS accounts will have a number of System-level Bypasses provided by default, including Bypasses for GoToMeeting , GoToMyPC , etc. The manual configuration detailed below is only necessar…

Updated 3 years ago by admin

Bypassing the Apple Store

By default, if you try to access the Apple Store on an iOS device going through Captive/Guest portal, you will be presented with a blank screen or a connection error. This is because the Apple store…

Updated 3 years ago by admin

Using Web Security with Sophos

The Sophos line of security and malware prevention tools require some extra configuration in order to work alongside Cloud USS. Configuring Sophos Endpoint Security with Cloud USS. Open your Sophos C…

Updated 3 years ago by admin

Deployment Overview

Unified Security Service is a multi-tenanted cloud (SaaS) solution that delivers a range of Internet security products from a single, unified, user interface. Deployment varies depending on the produ…

Updated 3 years ago by admin

Check for the presence of a system proxy user

If you are experiencing unexpected behaviour with the Web Security endpoint agents or gateway, it may be that a proxy configuration exists for the Windows "system" user account. This can be left behi…

Updated 2 years ago by admin

YouTube appears to work despite Block or Warn final action applied

Applies to Chrome and Opera browsers (November 2021). It is a common requirement to restrict YouTube (and related services) using the Web Security product Filter Rules, either with a time based, user…

Updated 1 year ago by admin

ERR_CERT_HAS_EXPIRED_ Digicert certificate expiry 2023

An important Digicert Certificate has expired today (8th March 2023) causing TLS validation issues on the USS Gateway. The USS Gateway proxy uses the Ubuntu OpenSSL library, and it appears that this…

Updated 2 weeks ago by admin

Blocking Embedded Games in Google Search

This article discusses embedded games from Google Search and techniques for controlling them. When searching for keywords like snake , minesweeper , solitaire or pacman, Google Search returns an embe…

Updated 3 weeks ago by admin

Enable Enhanced Unpacking Engine

Coming soon

Updated 7 months ago by admin

ESET issues identified

We have identified an issue with certain versions of ESET software that causes incompatibility with software that also uses the Microsoft WFP (Windows Filtering Platform) layer for intercepting netwo…

Updated 2 years ago by admin

Active Directory Login Service

This software is no longer maintained and is considered End of Life. This page has been kept available for reference only. The AD Login Service is a user identification tool for use with the USS Gate…

Updated 1 year ago by admin

MIME Categories and Types

The Web Security product (gateway and endpoint agent) can perform MIME Type scanning of downloaded files through the use of a Filter Rule and the MIME Type action. This allows an administrator to blo…

Updated 3 years ago by admin

How to submit a URL reclassification request

The Web Security product uses many techniques to ensure a URL is classified correctly however from time to time an existing URLs may require reclassifying. You can request a URL reclassification from…

Updated 2 years ago by admin

Third Party Load Balancer Guides

The following guides are available to assist configuring the USS Cloud Gateway with third party load balancer products. Please note that these documents are provided as a guide. Familiarity with the…

Updated 2 years ago by admin

What happens when my Web Security license is suspended or deleted?

The following article describes the behaviour if your Web Security license is suspended or deleted. License Suspended whilst Active. Active means the license has an expiry date in the future or is a…

Updated 2 years ago by admin

SSL/TLS Strict Mode blocked ciphers

Activating the Use strict SSL/TLS ciphers option within the Windows or Mac OS X Agent Configuration Profile will block the following ciphers as they are considered weak. This may cause unexpected beh…

Updated 3 years ago by admin

Installing an SSL Certificate on iOS 13

How to install the USS Cloud Gateway SSL certificate on Apple iOS 13. First, you need to download the SSL certificate to the device. The simplest way if using the captive portal is to click on the li…

Updated 3 years ago by admin

Custom URL parsing and overlapping patterns

The Web Security rules engine uses a category based system for controlling access to custom web sites (URL's, domains) known as patterns. The rules engine optimises the categories and their patterns…

Updated 2 years ago by admin

YouTube Safe or Restricted mode enforced by DNS

YouTube Safe mode (also known as Restricted mode) can be enforced globally by altering the DNS for specific domains. This may be required in addition to the Feature Control rule restriction. If you a…

Updated 3 years ago by admin

Alter the default agent configuration poll time

By default the Windows Agent will poll for configuration changes every 15 minutes, offset from the time when the agent was installed. To override this, you can add a special string (REG_SZ) value cal…

Updated 2 years ago by admin