Evaluation Guide

Note: This page is still under development.

This page includes:

• Evaluation Guide
  • About the evaluation guide
  • 1. Malware protection - file downloads
  • 2. Malware protection - file downloads - password in page
  • 3. Malicious website protection
  • 4. Malicious website protection (phishing)
  • 5. DLP website rules
  • 6. Web filtering (Category-based)

About the evaluation guide

This guide is designed to help administrators quickly evaluate the Advanced Browser Security browser extension. Perform the test procedures below to assess the performance and functionality of the extension. Note that you should have the extension installed and configured in your environment, before you perform this evaluation. For installation details, see Deploying the extension [Managed deployment].

1. Malware protection - file downloads

Test scenario

In this test scenario, you'll try to download two malicious files. The extension should prevent you from downloading either of them.

Test procedure

1. In the Advanced Browser Security console, select Policies.

2. Click on the desired policy, and then navigate to the "Detection Settings" tab.

3. Under "File detection mode" select Block.

4. Download this EICAR file or the Mimikatz file - and observe how the extension intercepts the download and detects it to be malicious - and then prevents you from downloading either of the malicious files.

2. Malware protection - file downloads - password in page

Test scenario

In this test scenario, you'll try to download a password-protected malware file. The extension automatically detects the password on the page and uses the password for decryption and scanning.

Test procedure

Click here to download a file that contains password-protected malware. Observe how the extension automatically detects the password on the page and uses the password to decrypt the file - which can then be scanned.

3. Malicious website protection

Test scenario

In this test scenario, you'll try to access a malicious website. The extension will prevent you from accessing the website.

Test procedure

Visit this test malicious website. Observe how it is blocked by the extension.

4. Malicious website protection (phishing)

Test scenario

In this test scenario, you'll try to visit an active phishing website. The extension will prevent you from accessing the website.

Test procedure

1. Go to phishtank.org

2. Select and then visit an active phishing website of your choice. Make sure that you pick a valid phishing website. Observe how the extension blocks the website.

5. DLP website rules

Test scenario

In this test scenario, you'll create various DLP [data loss prevention] rules, and then observe how the rules affect what functionality is blocked and what functionality is available on a website that you specify.

Test procedure

1. Pick a website (for example, demo.1crmcloud.com).

2. Add a website rule to block various user actions on this website.

3. Test that the rules work as expected.

6. Web filtering (Category-based)

Test scenario

In this test scenario, you'll configure the extension to block access to all websites in a certain category - and then observe how access is blocked.

Test procedure

1. Pick a website category (for example, Gambling).

2. Configure the system to block that website category.

3. Test that the website is indeed blocked when visiting a website that belongs to this category.

See also: 

• Browser Extension Topics