Quarantining Users Trying to Bypass Filtering

Have more questions? Submit a request
This article is intended for IT support and filtering administrators at schools with a School Manager physical appliance.

The Quarantine feature temporarily blocks all internet traffic when a device running Connect triggers a filtering policy with the Quarantine enabled. Your School Manager appliance blocks the quarantined user’s internet access for three minutes by default. A new quarantine period will start each time the user violates the policy while their device is connected to your physical network. You can ask Linewize Support to change the default period of time for Quarantined devices.


The Quarantine feature does not apply to school networks with cloud-only filtering or when your users connect from outside your school’s network, for example students connecting from home.

Quarantine should only be applied to policies where the affected groups or users and the type of activity can be precisely defined. Enabling Quarantine across your whole network or using the wrong type of criteria can unnecessarily disconnect users from the internet.

Enabling Quarantine Example

Here’s an example for using quarantine to prevent the use of VPN, anonymous proxy or TOR inside your school. You will enable the Quarantine feature on a filter using the filtering Signature for Proxies and VPNS. Most VPN services will timeout if the device is disconnected from the internet for three minutes. 

  1. Select Filtering > Content Filtering in School Manager.

  2. Select Create Policy.

  3. Enter a Name, for example “Block VPN on campus - temporarily stop internet access”.

    Start typing the type of behavior you want to block, for example “VPN”. Select the Signature or website. In this example, select “Proxies and VPNs”.


Quarantine can be used with any Block policy. It is commonly used to manage devices running “Proxies and VPNS” while connected to your campus network.

  1. (Optional) In Criteria, you can add a Group or Network Range.

    Type the name of the Group or enter the Network Range. In this example, we recommend adding a Group to apply this policy only to students.

  2. Check the Quarantine box.
  3. Click Save Policy.

You can take this filtering policy one step further by creating a more granular quarantine policy with specific criteria for students who struggle to stay on task and are known to attempt to bypass the network by using VPN extensions in their web browsers.


Frequently Asked Questions

How do I know if my network can use the Quarantine feature?

Most schools using a School Manager appliance can use Quarantine for devices connecting to their physical network. If you are unsure, contact Linewize Support. 

How do I know if a user is quarantined?

You can find details about users who triggered quarantine in Statistics > Realtime > Users and Hosts.

Look for a red banner in the Quarantined column. In addition to the IP and Hardware (MAC address) you will be able to see the user’s Login Time and number of Connections they attempted. 

See Realtime Connections Overview for more details.

How do I resolve repeated quarantines?

The solution can vary by situation. You may need to supply a record of the quarantine history to your wellbeing staff, teacher or school leadership to guide the user in healthier online behavior.

In this example, the VPN/TOR or proxy application also needs to be removed from the user's device by your school’s IT support.You may also need to access the user’s computer to remove VPNs, applications or settings.

Was this article helpful?
0 out of 1 found this helpful



Please sign in to leave a comment.