Group management – Google Web Security for Enterprise Administration Guide User Manual

50

Google Web Security for Enterprise Administration Guide

To deactivate an Authentication Key:

1.

Click the Web Admin link, and click ‘Authentication Keys’ under
Authentication.

2.

Look for the Authentication Key you wish to deactivate and click the
corresponding ‘Deactivate’ button, which will not delete the Authentication
Key, but sets the Authentication Key state to ‘Inactive’.

Note:

If you are having Forbidden 403 HTML errors in your web browser while

trying to connect to the Internet through the Connector, you should check your
Authentication Key activation status, it should state ‘Active’ to operate
properly.

To revoke an Authentication Key:

Some users may want to remove an Authentication Key for security purposes or
for administration needs. Revoking an existing Authentication Key will delete it
permanently, and existing Connectors will require re-configuration with a new and
Active Authentication Key to operate properly.

1.

Click the Web Admin link on the Web Content tab, and click ‘Authentication
Keys’ under Authentication.

2.

Select the Authentication Keys you wish to delete by checking the appropriate
check boxes and clicking the ‘Delete’ button at the bottom of the screen.

IMPORTANT: A validation message will appear to ensure you wish to delete
the key. Revoking the key is an irreversible action; ensure you are prepared to
delete the key before clicking ‘OK’. A less severe way of managing
Authentication Keys would be to deactivate the key for a period of time, and
then revoking the Authentication Keys at a later point.

3.

If you wish to revoke the selected Authentication Keys, click ‘OK’.

Group Management

The “Groups” link in the Management sub-service tab, located in the left hand
column, is used to create and define Custom Groups and Directory Groups.
Groups are used to segment an organization’s user base so that more granular, or
role specific, web usage policies can be enforced. The web security service uses
two types of Groups to achieve this functionality:

•

Directory Groups – As the name implies, a Directory Group represents a
group of users as defined by a WinNT domain or by Active Directory.
Typically, a Directory Group will represent a group of users with similar roles
(hence access privileges) within the organization.

•

Custom Groups – are defined by either (or both) usernames and IP
addresses and subnets. Usernames are specified according to the WinNT or
Active Directory schema. IP addresses can private (publicly non-routable) or
public.