How to install Securly Extension for Chrome and Edge browsers?

 

The Securly Extension is one of the easiest and fastest ways to get started with Chrome and Edge browser filtering.

Manual configuration

The following registry files can be manually imported to test filtering or they can be pushed out through Group Policy. If a school chooses to use a Chromium Edge or Google Chrome ADMX template the results are identical and the options have the same outcome.

Here are the settings to enable the Securly extension and restrictions outlined in the best practices document in Chromium Edge and Google Chrome:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Edge\ExtensionInstallForcelist]

"1"="dfkheabholbfmmehflddbknjimnjelda"

[HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Edge\ExtensionInstallBlocklist]

; This prevents other extensions being installed i.e. VPN/Proxy etc

; Note: any extension not listed in 'ExtensionInstallForcelist' will be disabled

"1"="*"

[HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Edge]

; Hides the welcome experience which creates shortcuts and asks to import settings and bookmarks. This can get in the way of the BrowserSignin policy.

"HideFirstRunExperience"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Edge]

; InPrivate Mode options are 0=Enabled [1=Disabled] 2=Forced

"InPrivateModeAvailability"=dword:00000001

; Guest Mode options are -=Enabled [0=Disabled]

"BrowserGuestModeEnabled"=dword:00000000

; Browser End Process options are -=Enabled [0=Disabled]

"TaskManagerEndProcessEnabled"=dword:00000000

; Developer Tools options are -=Enabled [2=Disabled]

"DeveloperToolsAvailability"=dword:00000002

[HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\ExtensionInstallForcelist]

"1"="iheobagjkfklnlikgihanlhcddjoihkg"

[HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\ExtensionInstallBlocklist]

"1"="*"

[HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome]

; Incognito Mode options are 0=Enabled [1=Disabled] 2=Forced

"IncognitoModeAvailability"=dword:00000001

; Guest Mode options are -=Enabled [0=Disabled]

"BrowserGuestModeEnabled"=dword:00000000

; Browser End Process options are -=Enabled [0=Disabled]

"TaskManagerEndProcessEnabled"=dword:00000000

; Browser Sign-in options are -=Enabled 0=Disabled [2=Forced]

"BrowserSignin"=dword:00000002

; Developer Tools options are -=Enabled [2=Disabled]

"DeveloperToolsAvailability"=dword:00000002

Using an ADMX template in Group Policy to deploy

Go to the Microsoft Edge Enterprise landing page to download the Microsoft Edge policy templates file (MicrosoftEdgePolicyTemplates.cab) and extract the contents. 

Follow this guide to install the ADMX template to your domain or to your machine.

All settings can be configured within your Group Policy Editor under this path: (Computer Configuration or User Configuration) > Policies > Administrative Templates > Microsoft Edge

  • Extensions > “Control which extensions are installed silently” (ExtensionInstallForcelist) should include the Securly Edge extension and any other mandatory extensions extensionnew1.png
  • Extensions > “Control which extensions cannot be installed” [ExtensionInstallBlocklist] may be used to block all other extensions (such as VPNs or proxies)
  • “Hide the First-run experience and splash screen” [HideFirstRunExperience] may be disabled extensionnew2.png
  • “Configure InPrivate mode availability” [InPrivateModeAvailability] should be disabled
  • “Enable guest mode” [BrowserGuestModeEnabled] should be disabled
  • “Enable ending processes in the Browser task manager” [TaskManagerEndProcessEnabled] should be disabled
  • “Browser sign-in settings” [BrowserSignin] may be used to force users to sign in to the browser, this can help with other Office apps
  • “Control where developer tools can be used” [DeveloperToolsAvailability] should be disabled

For Chrome, you can download the ADMX templates and use the same instructions to deploy to your domain or to your workstation. 

All settings can be configured within your Group Policy Editor under this path: (Computer Configuration or User Configuration) > Policies > Administrative Templates > Google > Google Chrome

  • Extensions > “Configure the list of force-installed apps and extensions” [ExtensionInstallForcelist] should include the Securly Chrome extension and any other mandatory extensions extensionnew3.png
  • Extensions > “Configure extension installation blocklist” [ExtensionInstallBlocklist] may be used to block all other extensions (such as VPNs or proxies)
  • “IncognitoModeAvailability” [IncognitoModeAvailability] should be disabled extensionnew4.png
  • “Enable guest mode in browser” [BrowserGuestModeEnabled] should be disabled
  • “Enable ending processes in the Browser task manager” [TaskManagerEndProcessEnabled] should be disabled
  • “Browser sign-in settings” [BrowserSignin] may be used to force users to sign in to the browser, this can help with other Office apps
  • “Control where developer tools can be used” [DeveloperToolsAvailability] should be disabled

Using Intune/Endpoint Manager to deploy

If you are using Intune/Endpoint Manager, follow the steps in the links below:

  1. Edge: https://bit.ly/34xZIvL  
  2. Chrome: https://bit.ly/3gHAUUz  
Was this article helpful?
3 out of 6 found this helpful
Have more questions?
Submit a request

Comments

0 comments

Article is closed for comments.

Articles in this section

See more