SOTI Surf
Use this dialog box to configure settings for the SOTI Surf app.
General
Home Screen
Specify home screen catalog entries, the home screen website, or the corporate bookmarks for SOTI Surf.
If website filtering is enabled on the profile configuration, websites configured as the home screen or as part of the home screen catalog are automatically whitelisted.
- If a device has multiple home screen websites enabled, the profile that was assigned first will supersede all others.
- If a device has multiple home screen catalogs enabled, all websites from all profiles will be added to the catalog on the device.
- If a device has a website and a catalog enabled, the home screen website will supersede the catalog.
- If a device has a profile with the home screen enabled and another with it disabled, the enabled home screen will supersede the disabled setting.
- Corporate bookmarks from multiple profiles will be unioned.
Enable Home Screen | Select to control how the home screen of the SOTI Surf app appears. |
Catalog | These websites appear as links on the SOTI Surf home page.
Click New in the Configured Websites table to add a new catalog entry. To delete a website, hover over its row and click Delete. Use the arrows to arrange the order in which the websites appear in the SOTI Surf home screen. |
Website | In Home screen URL, specify which website should be the SOTI Surf home page.
Click New in the Configured Corporate Bookmarks table to create a new row. Enter a display name and the website's URL. Listed websites are added as corporate bookmarks To delete a bookmark, hover over its row and click Delete. Use the arrows to arrange the order in which the websites appear in the SOTI Surf bookmarks menu. |
Settings
Auto Hide Top and Bottom Bar | When enabled, device users cannot see or access the top and bottom bars of SOTI Surf. |
Full screen mode | When enabled, SOTI Surf remains in full screen mode. |
Text Scaling | Enter a percentage value from 50 - 200 to set the text size in the app.
Tip: On Android devices, you can also send a script to change the zoom level in the SOTI Surf app:
sendinfo net.soti.action.surf BROWSERZOOMLEVEL 400 where 400 is a percentage value. |
Restore tabs on startup | When enabled, tabs from a previous session are automatically loaded the next time the SOTI Surf app is launched. |
Open links in new tab | When enabled, links are opened in a new tab instead of the current tab. |
URL suggestion | When enabled, SOTI Surf suggests websites as the device user types in the address bar. |
Download Location | The location on the device where SOTI Surf saves files downloaded from the internet. This option only applies to files downloaded from sites that are not routed through ERG. Downloads from sites routed through ERG are saved in an application sandbox.
The download location must be a location in the device's internal storage, for example, %sdcard% or a defined directory path. Directory paths cannot begin or end with Note: To save downloads to the root level, leave the download location field blank.
If a device has multiple profiles with conflicting download location settings, settings from the profile that was created first will be used. |
Hide Reset Settings | When enabled, device users cannot see or access the Reset Settings option in the SOTI Surf app. |
Browsing on Cellular | When enabled, the SOTI Surf app can use cellular networks. |
Roaming | When enabled, the SOTI Surf app can use cellular networks while roaming. |
WiFi | When enabled, the SOTI Surf app can use WiFi networks. |
Export browsing history | Enable this option and then, in the File Location field, enter a location on the device's internal storage where you want to store browser history from the SOTI Surf app.
If a device has multiple profiles with conflicting file location settings, settings from the profile that was created first will be used. |
Use LDAP Login | When enabled, devices users must use their LDAP credentials to log into SOTI Surf. You must have intranet gateway settings configured to use this option.
Specify the user inactivity time (in minutes), after which the user will be logged out. Enter 0 to disable inactivity timeout for the browser. If a device has been assigned multiple SOTI Surf configurations with conflicting Enable LDAP Login settings, the configuration with LDAP enabled applies. If multiple SOTI Surf configurations have LDAP enabled but with differing inactivity timeouts, the timeout period specified in the configuration that was applied first supersedes the subsequent configurations. |
Delay Application Update | Specify the time (in minutes) between when a configuration change is pushed to the device and when the app is forced to shut down and apply the update, requiring device users to log in again.
If a device has been assigned multiple SOTI Surf configurations with conflicting app shutdown times, the configuration that was created first applies. |
Privacy
The privacy settings section for the SOTI Surf profile configuration allows you to dictate the browsing capabilities of your device users.
If you assign multiple profiles with differing SOTI Surf configurations to the same device, the most restrictive version of the setting applies. In general, settings in the Privacy section are more restrictive when they are enabled. Exceptions are noted.
Disable Copy from Browser | When enabled, devices users cannot copy content from within browser - both to other web pages and to apps outside of the browser.
Note: Enabling this option also enables Disable Screen Capture when Browsing and Disable Sharing of Downloaded Files. Both options can be subsequently disabled without also disabling Disable Copy from Browser.
|
Disable Screen Capture when Browsing | When enabled, device users cannot take screenshots of their device screen while SOTI Surf is the active app. |
Disable Downloading of Files | When enabled, device users cannot download any files from within the SOTI Surf app.
Note: Enabling this option also enables the Disable Sharing of Downloaded Files setting though it can be deselected independently of Disable Downloading of Files.
|
Disable Sharing of Downloaded Files | When enabled, device users cannot share any files they have downloaded in SOTI Surf with another person or another app. |
Disable Printing | When enabled, devices users cannot print any content from within the browser.
Note: Disable Printing does not disable Cloud Printing on sites such Gmail, where printing options are available.
|
Disable JavaScript | When enabled, JavaScript does not run on any web pages.
Note: Device users may experience significant limitations when navigating the internet due to the prevalence of JavaScript.
|
Disable Popups | When enabled, SOTI Surf prevents websites from opening any popup windows. Websites that use alerts or confirmation boxes are allowed but any websites that call new web pages are blocked. |
Disable Cookies | When enabled, websites cannot store any cookies on SOTI Surf. |
Clear Cookies on Launch | When enabled, cookies from previous browser sessions will be cleared when the browser is relaunched.
Note: Clear Cookies on Launch can be enabled independently of Disable Cookies.
|
Disable Third Party Cookies | When enabled, third-party websites cannot save or read cookie data from SOTI Surf. |
Disable Website Cache | When enabled, the browser does not cache website data when the app closes or the user navigates away from a web page. |
Disable Auto Fill | When enabled, web pages with forms or fillable fields do not remember any previously entered information. |
Disable Safe Search | When enabled, the safe search filter (that is normally active on SOTI Surf) to block inappropriate or explicit images and videos is turned off. Device users can access all web content - if it is not blocked by other web filtering settings. Disable safe search applies to search results only.
Note: Disable Safe Search is more restrictive when it is unchecked.
|
Disable Access to Websites with invalid SSL certificate | When enabled, device users cannot access websites with SSL security certificate errors. |
Open new tab in background | When enabled, when a device user clicks a link to open it in a new tab, the new tab will always open in the background.
Note: If multiple profiles are assigned to a device but have conflicting tab opening settings, the setting of the profile that was created first will apply.
|
Clear History on Launch | When enabled, when the SOTI Surf app is launched, the browsing history from previous sessions is cleared.
Note: If multiple profiles are assigned to a device but have conflicting clear history on launch settings, the profile with the setting enabled will apply.
|
Disable Bookmarks | When enabled, device users cannot save webpages as new bookmarks or edit existing bookmarks in the SOTI Surf app.
Note: If multiple profiles are assigned to a device but have conflicting disable bookmarks settings, the profile with the setting enabled will apply.
|
Open Files in Third Party Applications | When enabled, devices users can open files that are unsupported by the SOTI Surf editor in third party applications instead. Open Files in Third Party Applications is more restrictive when disabled; devices with conflicting settings will use the disabled setting and block the opening of files in third party applications. |
Disable Zoom Gestures | When enabled, devices users cannot use gestures to zoom in and out in web pages. |
Disable Media Auto-play | When enabled, videos and audio clips are prevented from automatically starting playback. Muted videos, however, are still auto played. |
Hide Address Bar | When enabled, the address bar in the SOTI Surf browser is hidden, preventing device users from manually entering or editing website URLs, thus restricting user access to websites in the Home screen catalog. |
Search Engine | Select a default search engine for SOTI Surf. Any searches initiated from the address bar are run through the specified search engine.
If a device has been assigned multiple profiles that have conflicting settings, the search engine from the profile that was assigned first will apply. |
Filtering
Intranet Gateway Settings
Use this dialog box to set up an Enterprise Resource Gateway (ERG) for SOTI Surf. ERG routes your web traffic through a proxy server and grants your device users access to your internal network. You must have ERG configured on a proxy server to use this feature. Once ERG is set up, you can link your server to the SOTI Surf app through the SOTI Surf configuration.
Refer to Installing the SOTI Apps Server Extension for more information.
Turn on Enable Intranet Gateway Settings and enter the address of the proxy of your ERG as an IP address or as a fully qualified domain name (FQDN) and its port number in the Enterprise Resource Gateway fields.
To specify which domains you want to route through the ERG, click Add in the Add a Domain table to add a new row.
To delete a domain, hover over its row and click Delete.
Website Restrictions
You can block users from accessing websites based on specific URLs or by website content. You can create a blacklist, a whitelist, or block websites based on content type.
When a blacklist is applied, any sites on the blacklist will redirect the device user to the default URL for blocked websites or a blank page, depending on your settings.
A whitelist is more restrictive than a blacklist. The device user can only access the sites specified on the whitelist. Any attempt by the device user to access non-whitelisted sites redirects the device user to the default URL or a blank page, depending on your settings. Redirect URLs are automatically whitelisted.
You cannot apply both a blacklist and a whitelist within the same profile configuration. If a device receives a blacklist and a whitelist from two different profiles, the whitelist overrides the blacklist. If a device receives multiple blacklists or multiple whitelists from different profiles, then the websites (and the exceptions) from all profiles are unioned.
Turn on Enable Website Restrictions and select a type: Blacklist or Whitelist.
To specify which websites you want to filter, click Add in the Websites table to add a new row.
To delete an entry, hover over its row and click Delete.
In the Redirection URL for Blocked Websites/Categories, enter the website device users are taken to when they try to access an unauthorized website.
Turn on Exclude websites from the filter and click Add in the Websites table to add a new website exception to your blacklist or whitelist.
Use the Website Categories to Block section to block websites based on their content. Select any categories you want to block SOTI Surf from accessing or use Select All to block all the content categories.
Choosing Select All severely limits the functionality of the SOTI Surf browser.
You can add an exception to web content categories by adding the website to the exception list of a Blacklist web filter.
Devices with blocked categories from multiple profiles will have all categories from all profiles applied.
Kiosk Mode
Kiosk mode limits SOTI Surf functionality, reducing device users' access to websites and SOTI Surf app settings. The address bar is disabled, and users can only navigate forward through hyperlinks and backwards using the back button. The long-press context menu is also disabled.
If a device is assigned multiple kiosk mode settings, the most restrictive one will apply.
Turn on Enable Kiosk Mode to start.
Hide App Bottom Bar | When enabled, device users cannot access the bottom bar of the SOTI Surf app, which includes the forward and backward navigation buttons, as well as the home and the app menu icons.
Selecting this option causes the Hide App Menu and Clear Cookies with Home options to become automatically selected. |
Hide App Menu | When enabled, device users cannot access the app menu. |
Clear Cookies with Home | When enabled, browser cookies are cleared whenever the device user navigates to the home screen.
Note: This option is redundant if Disable Cookies is selected in the Configure Privacy Settings section.
|
Disable Keyboard | When enabled, device users cannot display the keyboard, for example when they tap on a text field.
Note: Device users can use the keyboard to log in, after which it becomes disabled.
|