Your company’s Web Proxy Policy enables you to control which URLs or IP addresses can be accessed in browsers running in Venn and to configure which processes and domains have TLS inspection enforced.

On the Web Proxy Policy Admin page, you can also view logs of all sites visited in Blue Border and the actions taken by the proxy policy.

Your Web Proxy Policy relies on the local web proxy that Venn runs on users’ devices. Learn more about the Blue Border web proxy.

Web Proxy Policies are configured for individual users, the All Users group, or for specific user groups in Venn.

You can also configure your Web (DNS) Filtering Policy in Venn. Learn more about the different types of Web Policies in Venn or how to configure and manage your Web Filtering Policy.

Access Your Web Proxy Policies

To access your Web Proxy Policy:

1. Navigate to login.venn.com and sign in with valid credentials.
   You may be required to verify the sign-in by completing the multifactor authentication on your mobile device.
   
2. Click Company admin or Manage > Company admin.

   

3. Using the left-side navigation menu, click Policy Admin, then select Web Policy.
4. Click the Web Proxy tab at the top of the page.

On the Web Proxy Policy page, you will see any Web Proxy Policies that have been configured for your company. 

Web Proxy Policies are configured for individual users, the All Users group, or for specific user groups in Venn.

View and Manage Web Proxy Policies for a User or Group

To view and manage the Web Proxy Policy for a group, follow the steps above to navigate to the Web Proxy Policy Admin page and click Manage next to the user or group name.

In the window that opens, you can view and manage the following settings:

• Web Control (Blocklist/Allowlist)
• TLS Inspection Settings for Processes (Apps)
• TLS Inspection Settings for Domains

Web Control (Blocklist/Allowlist)

Using the Web Proxy, you can you can block specific URLs or IP addresses or you can even block all web traffic by default and implement an allowlist to enable access only to specific URLs or IP addresses.

On the Web Control tab, you can choose from the following options:

• Allow all web traffic by default: Allow normal web traffic and implement a "blocklist" of specific URLs or IP addresses
• Block all web traffic by default: Block all web traffic by default and implement an "allowlist" to enable access only to specific URLs or IP addresses

Depending on the option that you select, you can then populate either your Blocklist or Allowlist by entering URLs and IP addresses separated by the Enter key or by clicking Upload list to upload a .txt file.

If you choose to upload a list, individual URLs and IP addresses must appear on their own line within the file.

To block or allow an entire domain, use the format example.com. To block or allow all subdomains for a specific domain (e.g., blog.example.com, login.example.com), use the format .example.com.

Once you have made appropriate changes, click Save in the bottom right corner to save your changes.

TLS Inspection Settings for Processes (Apps)

Using the Web Proxy, you can enforce TLS inspection for specific processes (apps) or you can require TLS inspection for all apps by default and specify which apps to exclude.

By default, Venn enforces TLS inspection for specific processes managed by Venn, including web browsers and Microsoft 365 applications. This allows Venn to enforce DLP Policies such as account controls and upload restrictions.

On the TLS Inspection > Processes tab, you can choose from the following options:

• Disable TLS Inspection by default: Disable TLS Inspection for most apps and specify which processes to include for TLS Inspection
• Enable TLS Inspection by default: Enable TLS Inspection for all apps by default and implement a list of processes to exclude for TLS Inspection

We recommend that you disable TLS Inspection by default and only enforce inspection for apps where needed because TLS Inspection can break functionality within many commonly used applications.

Depending on the option that you select, you can then populate either the list of processes to include or exclude for inspection separated by the Enter key.

Once you have made appropriate changes, click Save in the bottom right corner to save your changes.

TLS Inspection Settings for Domains

By default, the Web Proxy conducts TLS inspection for all browser activity in Blue Border. However, you can exclude specific domains from TLS inspection if you need to bypass inspection for trusted or sensitive services that may not function properly when their encrypted traffic is inspected. This can be useful for domains hosting banking applications, healthcare platforms, or other services with strict encryption standards.

On the TLS Inspection > Domains tab, you can populate the list of domains to include or exclude for inspection separated by the Enter key.

Once you have made appropriate changes, click Save in the bottom right corner to save your changes.

Add a Web Proxy Policy for a User or Group of Users

To create a Web Proxy Policy for a user or a group of users:

1. If you would like to create a policy for a group, create the group and add users to it if the group hasn't already been created in Venn.
2. Follow the steps above to navigate to the Web Proxy Policy Admin page.
3. Click Add on the Web Proxy Policy page.
4. Choose Group of people or User in the dropdown and then search for and select the group or user to apply the policy to and click Add.

Once you have added the Policy, follow the steps above to manage the Web Proxy Policy for that user or group.

View Web Proxy Logs for One or More Users

On the Web Proxy Policy Admin page, you can view logs of all sites visited by your users in Blue Border and any actions taken by your web proxy.

To view web proxy logs:

1. Follow the steps above to navigate to the Web Proxy Policy Admin page.
2. Click Manage next to the group that the user(s) you would like to view logs for belong to or next to the user's name if they have a policy applied to them individually. If you are not sure which group the user(s) belong to, choose the All Users group.

   

3. Click Logs in the Settings menu at left.
4. Type to search for and select the user(s) who you would like to view logs for, input the reason why you need to view their web activity, and click View.
   In order to ensure that the ability to view detailed user web activity is used appropriately by those with administrator access in Venn, you will be prompted to provide a reason why you need to view logs. Your logs access, reason, and any searches/filtering you complete on the logs page will be logged under your account activities.

   

On the Logs tab, you can view granular details about the sites visited, the actions taken by the proxy, and the users who accessed or attempted to access a site.

You can filter the logs by date accessed/attempted to access, user name, process type (Browser or Other), and action (allowed or blocked).