How to install Securly Extension for Chrome and Edge browsers (Windows)

Edge
ID: adncfiefnfjddkdlfcckejoefaoehcdf

Update URL:  https://extensions.securly.com/extensions.xml

Chrome:
ID: lcgajdcbmhepemmlpemkkpgagieehmjp
Update URL:  https://extensions.securly.com/extensions.xml

Clarification on Managing Extensions with Intune and Google Workspace

Important Note for Administrators:

If your goal is to manage and lock down Windows PCs and browser extensions even when users are not signed into browsers, you must use Intune. In this case, Intune will override any extensions managed through Google Workspace (Google Admin Console). Therefore, extensions must be managed by Intune to ensure they are pushed to devices regardless of user sign-in status.

On the other hand, if your goal is to force users to use Chrome and ensure they are always signed in, you do not need to use Intune to push extensions. You can continue managing and pushing extensions through Google Admin Console, as users will always be signed into Chrome.

By understanding these configurations, you can better manage your environment and ensure that extensions are deployed according to your organization's needs.


----------------

Option 1:  Using an ADMX template in Group Policy to deploy

Go to the Microsoft Edge Enterprise landing page to download the Microsoft Edge policy templates file (MicrosoftEdgePolicyTemplates.cab) and extract the contents. 

Screenshot_2023-05-08_at_5.04.40_PM.png

Follow this guide to install the ADMX template to your domain or to your machine.

All settings can be configured within your Group Policy Editor under this path: (Computer Configuration or User Configuration) > Policies > Administrative Templates > Microsoft Edge

  • Extensions > “Control which extensions are installed silently” (ExtensionInstallForcelist) should include the Securly Edge extension and any other mandatory extensions extensionnew1.png
  • Extensions > “Control which extensions cannot be installed” [ExtensionInstallBlocklist] may be used to block all other extensions (such as VPNs or proxies)
  • “Hide the First-run experience and splash screen” [HideFirstRunExperience] may be disabled extensionnew2.png
  • “Configure InPrivate mode availability” [InPrivateModeAvailability] should be disabled
  • “Enable guest mode” [BrowserGuestModeEnabled] should be disabled
  • “Enable ending processes in the Browser task manager” [TaskManagerEndProcessEnabled] should be disabled
  • “Browser sign-in settings” [BrowserSignin] may be used to force users to sign in to the browser, this can help with other Office apps
  • “Control where developer tools can be used” [DeveloperToolsAvailability] should be disabled

For Chrome, you can download the ADMX templates and use the same instructions to deploy to your domain or to your workstation. 

All settings can be configured within your Group Policy Editor under this path: (Computer Configuration or User Configuration) > Policies > Administrative Templates > Google > Google Chrome

  • Extensions > “Configure the list of force-installed apps and extensions” [ExtensionInstallForcelist] should include the Securly Chrome extension and any other mandatory extensions extensionnew3.png
  • Extensions > “Configure extension installation blocklist” [ExtensionInstallBlocklist] may be used to block all other extensions (such as VPNs or proxies)
  • “IncognitoModeAvailability” [IncognitoModeAvailability] should be disabled extensionnew4.png
  • “Enable guest mode in browser” [BrowserGuestModeEnabled] should be disabled
  • “Enable ending processes in the Browser task manager” [TaskManagerEndProcessEnabled] should be disabled
  • “Browser sign-in settings” [BrowserSignin] may be used to force users to sign in to the browser, this can help with other Office apps
  • “Control where developer tools can be used” [DeveloperToolsAvailability] should be disabled

 

Option 2:  Using Intune/Endpoint Manager to deploy

If you are using Intune/Endpoint Manager, follow the steps in the links below:

  1. Edge: https://bit.ly/34xZIvL  
  2. Chrome: https://bit.ly/3gHAUUz  
  3. ADMX instructions for Edge: rb.gy/0kkb1
  4. ADMX download for Edge: https://t.ly/83CUY 

 

Option 3:  Registry

[THIS METHOD OF DEPLOYMENT IS FOR TESTING PURPOSES ONLY]

 

The Securly Extension is one of the easiest and fastest ways to get started with Chrome and Edge browser filtering.

Manual configuration

The following registry files can be manually imported to test filtering or they can be pushed out through Group Policy. If a school chooses to use a Chromium Edge or Google Chrome ADMX template the results are identical and the options have the same outcome.

Here are the settings to enable the Securly extension and restrictions outlined in the best practices document in Chromium Edge and Google Chrome:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Edge\ExtensionInstallForcelist]

"1"="adncfiefnfjddkdlfcckejoefaoehcdf;https://extensions.securly.com/extensions.xml"

[HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Edge\ExtensionInstallBlocklist]

; This prevents other extensions being installed i.e. VPN/Proxy etc

; Note: any extension not listed in 'ExtensionInstallForcelist' will be disabled

"1"="*"

[HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Edge]

; Hides the welcome experience which creates shortcuts and asks to import settings and bookmarks. This can get in the way of the BrowserSignin policy.

"HideFirstRunExperience"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Edge]

; InPrivate Mode options are 0=Enabled [1=Disabled] 2=Forced

"InPrivateModeAvailability"=dword:00000001

; Guest Mode options are -=Enabled [0=Disabled]

"BrowserGuestModeEnabled"=dword:00000000

; Browser End Process options are -=Enabled [0=Disabled]

"TaskManagerEndProcessEnabled"=dword:00000000

; Developer Tools options are -=Enabled [2=Disabled]

"DeveloperToolsAvailability"=dword:00000002

[HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\ExtensionInstallForcelist]

"1"="lcgajdcbmhepemmlpemkkpgagieehmjp;https://extensions.securly.com/extensions.xml"

[HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\ExtensionInstallBlocklist]

"1"="*"

[HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome]

; Incognito Mode options are 0=Enabled [1=Disabled] 2=Forced

"IncognitoModeAvailability"=dword:00000001

; Guest Mode options are -=Enabled [0=Disabled]

"BrowserGuestModeEnabled"=dword:00000000

; Browser End Process options are -=Enabled [0=Disabled]

"TaskManagerEndProcessEnabled"=dword:00000000

; Browser Sign-in options are -=Enabled 0=Disabled [2=Forced]

"BrowserSignin"=dword:00000002

; Developer Tools options are -=Enabled [2=Disabled]

"DeveloperToolsAvailability"=dword:00000002

Additional Info: Securly Filter Extension Versions

Securly Filter has a small number of extensions to choose from depending on your environment. Securly recommends using our self-hosted extensions where possible as we can more quickly and easily control the version of the software that is released. With the Google/Microsoft hosted extensions there is a considerable delay when we publish updates and if there are any issues it takes a similarly long time to push fixes or updates. 

Important note: When pushing out a Securly-hosted extension using G-Suite Admin Console, please ensure that the Update URL setting is changed to "Installation URL" instead of the inherited Google default "Updatecheck URL..."

Browser Extension ID Version
Chromebook Only joflmkccibkooplaeoinecjbmdebglab 2.98.68 (PKG-23 / Sep 2024)
Chrome Browser (macOS/Windows) lcgajdcbmhepemmlpemkkpgagieehmjp 2.98.68 (PKG-23 / Sep 2024)
Edge Browser adncfiefnfjddkdlfcckejoefaoehcdf 2.98.68 (PKG-23 / Sep 2024)
Securly-hosted extensions (https://extensions.securly.com/extensions.xml)
Browser Extension ID Version
Chromebook Only iheobagjkfklnlikgihanlhcddjoihkg 2.98.65 (PKG-23 / Sep 2024)
Google-hosted extension
Browser Extension ID Version
Edge Browser dfkheabholbfmmehflddbknjimnjelda 2.98.42 (PKG-23 / Sep 2024)
Microsoft-hosted extension

Some experimental extensions are usually published for specific tests to be completed by customers, these are listed here for completeness but should only be used under instruction from a Securly support team member.

Browser Extension ID Version
Chromebook nldffgleokocdcddeocjmdgneoinbhfb 2.98.0 (Think Twice)
Chrome Browser (macOS/Windows) hgpppmjalkmcmloikkbmonbpdakcklfp 2.98.0 (Think Twice)
Edge Browser bjnmaaglmedeickpbmlhmjkndenggend 2.98.0 (Think Twice)
Chromebook khfcjmoagjdbcchabenkohfbllefkbei 2.98.0 (MV3)
Chromebook hgmfginomehjpgpacpjnjaijecknnaog 2.98.51 (PKG-20 Beta - DNS Failsafe)
Chrome Browser (macOS/Windows) ehpfmanenigliflmbaiihbppncilhaha 2.98.50 (Beta)
Chromebook knneimmpeamikmjijmnhjmmobddleohj 2.98.60 (REL-6435)
Edge Browser cppgiodhimhhljofjomebpcgliegpddd 2.98.61 (FILTER-3880)
Chrome Browser (macOS/Windows) pmjdkmdfhcbecicgaenammmpamphljpe 2.98.61 (FILTER-3880)
Chromebook bemnimicbokkfdkgbghbpaelcagifglp 2.97.1 (QA)
Experimental Securly-hosted extensions (https://extensions.securly.com/extensions.xml)
Was this article helpful?
11 out of 29 found this helpful
Have more questions?
Submit a request

Comments

0 comments

Article is closed for comments.

Articles in this section

See more