Category filter
Configure plugin settings for web content filtering on Mac
This document helps you configure macOS content filter plugin settings from the Hexnode UEM console.
Web content filtering is an effective tool for regulating access to specific websites from end-users’ devices that could potentially expose them to any risks or harmful content. It can also enhance productivity and improve the user experience by restricting unwanted sites or inappropriate content, thus contributing to a safer and more focused environment.
Hexnode UEM offers the feature to use third-party plug-ins (for example, Forcepoint or Crowdstrike) to execute web content filtering and filter network data traffic from browsers and sockets in Macs.
Plug-ins are compatible with devices running macOS 10.15 or later.
Setting up plug-ins on macOS devices
Follow the steps below to set up plug-ins on your devices,
- Log in to your Hexnode UEM portal.
- Navigate to the Policies tab.
- Click on New Policy to create a new policy and enter the policy name and description (optional) in the provided fields. You can also choose an existing policy.
- Select Plug-ins from macOS > Web Content Filtering. Click Configure.
To ensure proper functionality of plug-ins, make sure to include its details in the System Extension policy if one is already configured. If not, you can proceed without updating the plug-in information in system extensions.
Here’s an overview of the plug-in settings and how you can configure them on Mac:
| Plug-In Settings | Description |
|---|---|
| Filter name | Enter a filter name for it to be displayed on the device. |
| Plug-In Bundle ID | Select the bundle ID of the plug-in. You can either select the bundle ID from Select Apps or specify it explicitly under Specify Bundle ID. |
| Server Address | Enter the server address for the plug-in which can be provided as an IP address, hostname, or URL. |
| Organization | Enter the organization name that is associated with the plug-in. |
| Username | Enter the username of the device user.
Note:
Supports the use of wildcards %name%, %username%, %email% and %alternateemail%.
|
| Password | Enter the password associated with the user. |
| Certificate | Choose the certificate for authentication of the user. |
| Filter browsers | Select this option to filter all network traffic transmitted through WebKit-based browsers. |
| Filter sockets | Select this option to filter all network traffic through sockets.
The following fields are to be filled,
|
| Filter network packets | Select this option to filter network packets and decide whether to block, allow or delay the packets.
The following fields are to be filled,
|
| Filter grade | Select the filter grade to set the relative order in which the filters will apply on the network traffic. There are two options to choose from – Firewall and Inspector.
Note:
Filters of Firewall grade will be applied, before filters with grade of Inspector.
|
| Additional vendor configurations | Add additional key/value pairs required by the plug-in filtering service. |
Associate the policy with macOS devices
If you have not saved the policy yet,
- Go to Policy Targets > +Add Devices. Alternatively, you can choose to associate the policy to either device groups, users, user groups or domains from the left pane.
- Choose the target device/devices.
- Click Ok. Click Save.
If you need to add more devices, click on +Add Devices again and repeat the above steps. This won’t affect your previous selections.
If you are on a page that lists the policies,
- Select a policy.
- From Manage drop-down, choose Associate Targets.
- Choose the target devices and click Associate.
