MDM lets you control the contents that can be viewed on the browsers of managed devices using Web Content Filter. Web Content Filter lets you Blocklist or Allowlist URLs as explained below:
Other than restricting URLs, Web Content Filter also provides the option of restricting content, whereby websites with malicious content are automatically blocked irrespective of whether the website URL has been allowlisted or blocklisted. Web Content Filter is applicable for Non-Samsung devices running 5.0 or later versions, only if provisioned as Profile Owner or Device Owner and Samsung devices running 5.0 or later with Knox version 2.6 or later. To check the Knox version, go to Settings -> About Device -> Knox version.For Samsung devices running on Android 6.0 and above, legacy enrollment is sufficient for web content filter to function.
|
The table below explains the details to be specified in the Web Content Filter policy before associating it to devices/groups.
FEATURE | DESCRIPTION | SAMSUNG | NON-SAMSUNG | ||
CORE ANDROID | PROFILE OWNER | DEVICE OWNER | |||
Automatic restriction of malicious content | Prevent websites with malicious content, from being viewed on the device browser | ||||
Filter Type |
Specify the filter based on whether URLs are to be blocklisted or allowlisted |
||||
Add URLs | The URLs to be allowed or restricted can be added manually or by uploading a CSV. | ||||
Bookmark Name (Can be configured only if Filter Type is 'Allowlist') |
Specify the bookmark name to be used in the browser. This can be used if you want the allowlisted URL to be bookmarked with a specific name in the browser. | ||||
Bookmark Location (Can be configured only if Filter Type is 'Allowlist') |
Specify the bookmark folder path to be used in the browser. This can be used to specify the bookmark folder path for saving the created bookmarks | ||||
Upload File (Can be configured only if URLs are added via CSV) |
Upload a CSV file with the URLs to be allowed or restricted. If Filter Type is 'Allowlist', you can also enter the bookmark name and location (for non-Samsung devices) to be used in the browser in the CSV file. |
The following table explains the various scenarios where Web Content Filter can be used.
SCENARIO | EXAMPLE URLs | DEVICE | |
SAMSUNG | NON-SAMSUNG | ||
Only secure HTTP(HTTPS) URLs are to be viewed on the device. | Either restrict all HTTP URLs by blocklisting http://* or allow only HTTPS URLs by allowlisting https://* | Devices must be running 4.3 or later versions |
|
The URL blocklisted/allowlisted gets redirected to another URL. | Specify the second URL(to which the first redirects to). If example.com redirects to example.us,then example.us must be specified | ||
Fully Blocklist a website including both the HTTP and HTTPS versions | Specify example.com to automatically Blocklist both the HTTP and the HTTPS versions of example.com | ||
Fully Blocklist/Allowlist all the sub-domains associated with the website | Specify example.com to automatically Allowlist/Blocklist all the sub-domains(domain1.example.com) of the website including mobile version of the website(m.example.com) | ||
Blocklist a website with multiple domain extensions(.org,.biz) | Specify example.* to automatically Blocklist all the available domain extensions of the website | ||
Blocklist a specific domain extension(.biz) | Specify *.biz to Blocklist all websites with the domain extension .biz. | ||
Blocklist only a particular sub-domain. | Specify sub-domain.example.com. This does not Blocklist example.com | ||
Allow access only to specific resources on the Intranet | Allowlist the corresponding IP address of the machine, to access the resources associated to the specific machine. |
The following table explains how Web Content Filter works on the device, when multiple profiles are pushed to the device.