WebTitan - Errigal Onboarding Script

Email send specifically for this demo.

Hi Rebecca,

Your Webtitan server is now available here:

URL = https://uidemo-ui.webtitancloud.com/

Email = rspringett@demo.com

Password = ZN2Jm,oc2?YKr1V,P0)d

IPs for DNS Forwarding:

Primary: 1.2.3.4

Secondary: 5.6.7.8

To get set up, simply follow the below steps.

• Go to the Overview > Add Locations tab and add your External IP

• Go to the Content Filtering tab and create your policy

• Redirect your DNS to "WebTitan IPs"

Here is our Customer Setup:

https://support.titanhq.com/en/30129-webtitan-customer-setup.html

Many thanks,

Regards,

Introduction.

WebTitan is our Web filtering product that provides you with DNS security, Content filtering features and AI threat Intelligence. This a demonstration of the steps you will require to start using our WebTitan Product.

Step 1: Log in and Update your security settings.

You should have received an email from your account manager containing Account details, log in credentials and IP addresses. This email is necessary to get your started with WebTitan.

Retrieve the link to your New WebTitan account and your log in details. Use this to access your new account. Now I am logged into my new account to start the set up. Before moving on, I am going to update my password to protect the security of my account.

To do this I am going to go the Profile in the top right-hand corner. I am going to Select Security. I will enter in the current Password under “Old Password”, which is the password supplied in the email I received. I am now going to enter in my new password and Click Save.

Step 2: Configure a Policy.

Now that is completed, I am going to move onto the first set up step, creating a policy. A policy is what tells WebTitan what categories of websites users are allowed to access. I am going to browse to Content Filtering < Policies.

I am going to click create policy. and fill in the details here.

The main area of focus here is Content Filtering section. As you can see here you can chose what level of protection you want based on pre-selected categories in each bracket.

Essential is your base level security, blocking sites that fall into the spyware and malware categories.

Enhanced then, is everything under the essential level plus adult related content, for example pornography.

Finally, Optimum is all the categories that come under Essential and enhanced but includes productivity inhibiting sites, for example gambling.

You can change the level of content filtering once the policy is create, including creating a customer level of content filtering where you can choose what categories you would like to block for your users.

Once the policy is created, a new window will be presented allowing you to configure more setting, specific to this policy.

Some of these settings here include:

Safe Search - which basically enabled the safe search settings on any browser you are using.

Allow/Blocked Domains - Allowing your to allow a site, for example linkedin.com while blocking the over category, social networking.

Custom Policy Categories - Here is where you can choose your custom categories, if I click on this it pops up presenting all the categories within WebTitan. You can select of deselect any categories you wish. The recommendations are already pre-selected.

If you choose a select of categories that already fall under a pre-existing level, then we will save it under that level rather than a custom one.

Once you are with the policy, Click “Save Changes” at the bottom of the page.

Step 3: Add your Locations.

Next step, we need to add a location. Locations are used to identify who is allowed to be filtered by WebTitan.

Lets go to Environment < Locations. There are 5 different types of locations can add, depending on your own network.

Static IP: This is the most common, it is one main IP of your main office, or it can be an IP range associated with your main office network.

Dynamic IP: This location is used if your main office has a Dynamic rather than static set up. This means that your IP of your router in your network updates regularly. If this is the case the Dynamic IP agent will be needed and I would recommend reaching out to your Account Manager for further information about that.

Dynamic DNS: This can be used as an alternative to Dynamic IP. This is using a hostname associated with a Dynamic IP rather than using the IP itself. Again I would recommend reaching out to your account manager if this is needed.

Roaming Location: This is in reference to OTG1 devices.

Virtual Locations: This is in reference to OTG2 devices. OTG stands for On the Go agent which is an additional feature along with WebTitan to protect your workers from home. Details about the OTG will be covered in another video.

To add a location, simply click “Add” and chose the type of location they will be adding.

Once the location type has been chosen, fill in the details requested in the pop up page. Lets take the static IP as an example.

I need to specify the IP or the IP range, and then also the policy I want to assign to that location. (Add in location 40.123.45.23). Lets chose the policy we create earlier. After completing this, WebTitan will accept any traffic from this IP, and anything that comes through will be filtered based on this policy I have set. Any changes I make to the policy will take an effect on anyone coming from that location.

Step 4: Install the SSL Cert.

The next step we need to tackle is regarding the SSL cert. So lets go to Settings < Certificates.

Here, you can download our SSL certs. What this allows you to do is receive a block page if you try and access a site that is blocked under your WebTitan Policy. Having this installed in the browser means the site presenting itself as the blockpage is verified and is a legitimate site. If this is not deployed, and access a block page, you will receive an error instead of a block page.

To download the cert, click download on the cert under SSL certificate. This can be deployed in a variation of ways. I already have one in my browser so I will not be following these steps.

However, my recommendations for deployment is pushed out through a Group Policy, meaning this will be a mass deployment for all your machines in your business, as all your users who will be filtered by WebTitan will need to have this SSL cert deployed to their browser. Alternatively, you can deploy this individually to your browser manually, the steps for that can be found on our docs portal doc.titanhq.com

Step 5: Redirect your DNS Requests.

This is all the confutation through your WebTitan account done. The final step is sending all your internet traffic to the WebTitan cloud. This must be done in order for your users to be protected. WebTitan cannot filter traffic that is not passing through it.

This can be completed in 2 ways.

1. Change the DNS settings on your Internet Router to the two IPs that are listed in the welcome email your recieved from TitanHQ. In this case, according to the email, my IPs are 1.2.3.4 and 5.6.7.8. In order to change these settings you may need to reach out to your ISP for assistance.

2. Set up forwarding rules on your DC or Firewall. This essentially means that after the DC has resolved any internal traffic, it is then told to seen anything not internal (IE public Sites) to the WebTitan cloud IPs.

For testing purposes, before deploying to all users, you can also manually change the DNS settings on your laptop to the WebTitan IP addresses if you have admin access on your machine.

Once this step is compete, the set up is complete and you will officially be protected the WebTitan product.