Important Google Safe Search information for CensorNet Cloud web filtering customers.
Google has recently
announced
plans to remove the popular ‘NoSSLSearch’ feature in December which
helps enforce Safe Search on the network. Unless action is taken the
Safe Search mode may not function correctly after 1st December 2014.
This feature is used by many education
establishments to disable secure searching to allow easier enforcement
of Safe Search without the proxy having to use deep HTTPS inspection
(SSL Intercept).
Google have replaced this functionality with ‘ForceSafeSearch’ which allows the use of secure searching whilst only returning results that Google deems as safe. As a result, we have updated Cloud Gateway to support this change. Please upgrade your server as soon as possible.
If you are using SSL Intercept mode already then no further action is required.
If you have SSL Intercept mode disabled, you have a number of choices:
- Enable SSL Intercept. This is the best option as it allows you to enforce Google Safe Search on a per policy basis. The side effect is a certificate has to be deployed to all web browsers on the network. This can be achieved with Group Policy to simplify administration.
- After upgrading, enable the “Force Google Safe Search globally” option under System -> Safe Search. This will enable Safe Search for all users of the proxy regardless of the Safe Search settings in their assigned policy.
- Use an alternative Search Engine and block Google.
Note about DNS changes:
If you are were using ‘NoSSLSearch’ by adding google.com, .com.au, .co.nz and .co.uk zone files to your DNS server you should remove this and swap to SSL Intercept or the new Safe Search feature outlined above. If you cannot do that for any reason you should update the IP address in the zone file from 216.239.32.20 to 216.239.38.120.
