SOTI Surf

Use this dialog box to configure settings for the SOTI Surf app.

Home Screen

Specify home screen catalog entries, the home screen website, or the corporate bookmarks for SOTI Surf.

If website filtering is enabled on the profile configuration, websites configured as the home screen or as part of the home screen catalog are automatically whitelisted.

Note: If a device is assigned multiple profiles containing SOTI Surf, conflicts between the configured settings are resolved in the following manner:
  • If a device has multiple home screen websites enabled, the profile that was assigned first will supersede all others.
  • If a device has multiple home screen catalogs enabled, all websites from all profiles will be added to the catalog on the device.
  • If a device has a website and a catalog enabled, the home screen website will supersede the catalog.
  • If a device has a profile with the home screen enabled and another with it disabled, the enabled home screen will supersede the disabled setting.
  • Corporate bookmarks from multiple profiles will be unioned.
Table 1. Home Screen
Enable Home Screen Select to control how the home screen of the SOTI Surf app appears.
Catalog These websites appear as links on the SOTI Surf home page.

Click New in the Configured Websites table to add a new catalog entry.

To delete a website, hover over its row and click Delete.

Use the arrows to arrange the order in which the websites appear in the SOTI Surf home screen.

Website In Home screen URL, specify which website should be the SOTI Surf home page.

Click New in the Configured Corporate Bookmarks table to create a new row. Enter a display name and the website's URL. Listed websites are added as corporate bookmarks

To delete a bookmark, hover over its row and click Delete.

Use the arrows to arrange the order in which the websites appear in the SOTI Surf bookmarks menu.

Settings

Important: If you want to prevent device users from reversing a setting in the SOTI Surf app, make sure to also disable the User Configurable toggle for the applicable settings.
Auto Hide Top and Bottom Bar When enabled, device users cannot see or access the top and bottom bars of SOTI Surf.
Full screen mode When enabled, SOTI Surf remains in full screen mode.
Restore tabs on startup When enabled, tabs from a previous session are automatically loaded the next time the SOTI Surf app is launched.
Open links in new tab When enabled, links are opened in a new tab instead of the current tab.
URL suggestion When enabled, SOTI Surf suggests websites as the device user types in the address bar.
Hide Reset Settings When enabled, device users cannot see or access the Reset Settings option in the SOTI Surf app.
Browsing on Cellular When enabled, the SOTI Surf app can use cellular networks.
WiFi When enabled, the SOTI Surf app can use WiFi networks.
Use LDAP Login When enabled, devices users must use their LDAP credentials to log into SOTI Surf. You must have intranet gateway settings configured to use this option.

Specify the user inactivity time (in minutes), after which the user will be logged out. Enter 0 to disable inactivity timeout for the browser.

If a device has been assigned multiple SOTI Surf configurations with conflicting Enable LDAP Login settings, the configuration with LDAP enabled applies. If multiple SOTI Surf configurations have LDAP enabled but with differing inactivity timeouts, the timeout period specified in the configuration that was applied first supersedes the subsequent configurations.

Delay Application Update Specify the time (in minutes) between when a configuration change is pushed to the device and when the app is forced to shut down and apply the update, requiring device users to log in again.

If a device has been assigned multiple SOTI Surf configurations with conflicting app shutdown times, the configuration that was created first applies.

Privacy

The privacy settings section for the SOTI Surf profile configuration allows you to dictate the browsing capabilities of your device users.

If you assign multiple profiles with differing SOTI Surf configurations to the same device, the most restrictive version of the setting applies. In general, settings in the Privacy section are more restrictive when they are enabled. Exceptions are noted.

Disable Copy from Browser When enabled, devices users cannot copy content from within browser - both to other web pages and to apps outside of the browser.
Note: Enabling this option also enables Disable Screen Capture when Browsing and Disable Sharing of Downloaded Files. Both options can be subsequently disabled without also disabling Disable Copy from Browser.
Disable Downloading of Files When enabled, device users cannot download any files from within the SOTI Surf app.
Note: Enabling this option also enables the Disable Sharing of Downloaded Files setting though it can be deselected independently of Disable Downloading of Files.
Disable Sharing of Downloaded Files When enabled, device users cannot share any files they have downloaded in SOTI Surf with another person or another app.
Disable Printing When enabled, devices users cannot print any content from within the browser.
Note: Disable Printing does not disable Cloud Printing on sites such Gmail, where printing options are available.
Disable Cookies When enabled, websites cannot store any cookies on SOTI Surf.
Clear Cookies on Launch When enabled, cookies from previous browser sessions will be cleared when the browser is relaunched.
Note: Clear Cookies on Launch can be enabled independently of Disable Cookies.
Disable Website Cache When enabled, the browser does not cache website data when the app closes or the user navigates away from a web page.
Disable Safe Search When enabled, the safe search filter (that is normally active on SOTI Surf) to block inappropriate or explicit images and videos is turned off. Device users can access all web content - if it is not blocked by other web filtering settings. Disable safe search applies to search results only.
Note: Disable Safe Search is more restrictive when it is unchecked.
Disable Access to Websites with invalid SSL certificate When enabled, device users cannot access websites with SSL security certificate errors.
Open new tab in background When enabled, when a device user clicks a link to open it in a new tab, the new tab will always open in the background.
Note: If multiple profiles are assigned to a device but have conflicting tab opening settings, the setting of the profile that was created first will apply.
Clear History on Launch When enabled, when the SOTI Surf app is launched, the browsing history from previous sessions is cleared.
Note: If multiple profiles are assigned to a device but have conflicting clear history on launch settings, the profile with the setting enabled will apply.
Disable Bookmarks When enabled, device users cannot save webpages as new bookmarks or edit existing bookmarks in the SOTI Surf app.
Note: If multiple profiles are assigned to a device but have conflicting disable bookmarks settings, the profile with the setting enabled will apply.
Open Files in Third Party Applications When enabled, devices users can open files that are unsupported by the SOTI Surf editor in third party applications instead. Open Files in Third Party Applications is more restrictive when disabled; devices with conflicting settings will use the disabled setting and block the opening of files in third party applications.
Disable Zoom Gestures When enabled, devices users cannot use gestures to zoom in and out in web pages.
Disable Media Auto-play When enabled, videos and audio clips are prevented from automatically starting playback. Muted videos, however, are still auto played.
Disable Media Auto-play When enabled, videos and audio clips are prevented from automatically starting playback. Muted videos, however, are still auto played.
Search Engine Select a default search engine for SOTI Surf. Any searches initiated from the address bar are run through the specified search engine.

If a device has been assigned multiple profiles that have conflicting settings, the search engine from the profile that was assigned first will apply.

Filtering

Intranet Gateway Settings

Use this dialog box to set up an Enterprise Resource Gateway (ERG) for SOTI Surf. ERG routes your web traffic through a proxy server and grants your device users access to your internal network. You must have ERG configured on a proxy server to use this feature. Once ERG is set up, you can link your server to the SOTI Surf app through the SOTI Surf configuration.

Refer to Installing the SOTI Apps Server Extension for more information.

Note: It is possible to assign multiple profiles to the same device with different SOTI Surf configuration settings. If one profile has Use Intranet Gateway enabled and another profile that targets the same device, does not, then only the enabled profile applies. Also, if you assign multiple proxy servers to the same device through multiple profiles, the device will only use the settings of the first assigned proxy and ignore all subsequent proxy servers. However, if the multiple profiles contain the same proxy settings (as in the same IP address or FQDN and the same port number) then all the domains of each matching profile will be applicable.

Turn on Enable Intranet Gateway Settings and enter the address of the proxy of your ERG as an IP address or as a fully qualified domain name (FQDN) and its port number in the Enterprise Resource Gateway fields.

To specify which domains you want to route through the ERG, click Add in the Add a Domain table to add a new row.

Tip: Click Import to upload a .csv or .txt file with a list of domains to SOTI MobiControl.

To delete a domain, hover over its row and click Delete.

Website Restrictions

You can block users from accessing websites based on specific URLs or by website content. You can create a blacklist, a whitelist, or block websites based on content type.

When a blacklist is applied, any sites on the blacklist will redirect the device user to the default URL for blocked websites or a blank page, depending on your settings.

A whitelist is more restrictive than a blacklist. The device user can only access the sites specified on the whitelist. Any attempt by the device user to access non-whitelisted sites redirects the device user to the default URL or a blank page, depending on your settings. Redirect URLs are automatically whitelisted.

You cannot apply both a blacklist and a whitelist within the same profile configuration. If a device receives a blacklist and a whitelist from two different profiles, the whitelist overrides the blacklist. If a device receives multiple blacklists or multiple whitelists from different profiles, then the websites (and the exceptions) from all profiles are unioned.

Turn on Enable Website Restrictions and select a type: Blacklist or Whitelist.

To specify which websites you want to filter, click Add in the Websites table to add a new row.

Tip: Click Import to upload a .csv or .txt file with a list of websites to SOTI MobiControl.

To delete an entry, hover over its row and click Delete.

In the Redirection URL for Blocked Websites/Categories, enter the website device users are taken to when they try to access an unauthorized website.

Turn on Exclude websites from the filter and click Add in the Websites table to add a new website exception to your blacklist or whitelist.

Use the Website Categories to Block section to block websites based on their content. Select any categories you want to block SOTI Surf from accessing or use Select All to block all the content categories.

Choosing Select All severely limits the functionality of the SOTI Surf browser.

You can add an exception to web content categories by adding the website to the exception list of a Blacklist web filter.

Note: When the Uncategorized setting is enabled, device users cannot access any website that does not have a website category assigned.

Devices with blocked categories from multiple profiles will have all categories from all profiles applied.

Kiosk Mode

Kiosk mode limits SOTI Surf functionality, reducing device users' access to websites and SOTI Surf app settings. The address bar is disabled, and users can only navigate forward through hyperlinks and backwards using the back button. The long-press context menu is also disabled.

If a device is assigned multiple kiosk mode settings, the most restrictive one will apply.

Turn on Enable Kiosk Mode to start.

Hide App Bottom Bar When enabled, device users cannot access the bottom bar of the SOTI Surf app, which includes the forward and backward navigation buttons, as well as the home and the app menu icons.

Selecting this option causes the Hide App Menu and Clear Cookies with Home options to become automatically selected.

Hide App Menu When enabled, device users cannot access the app menu.
Clear Cookies with Home When enabled, browser cookies are cleared whenever the device user navigates to the home screen.
Note: This option is redundant if Disable Cookies is selected in the Configure Privacy Settings section.
Disable Keyboard When enabled, device users cannot display the keyboard, for example when they tap on a text field.
Note: Device users can use the keyboard to log in, after which it becomes disabled.