Enforcing safe search features in Access rules
The safe search feature helps schools and other organizations to limit web searches and filter out potentially offensive content from search results. If end users change the safe search settings in the browser, safe search is not disabled.
You can enforce safe search in two ways:
DNS method
When you use the DNS (TCP with SafeSearch) or DNS (UDP with SafeSearch) services, the Engine redirects searches by changing the DNS response. You can see the supported search engines on the Protocol Parameters tab in the properties of the Service element. The supported search engines might be updated when a new dynamic update package is activated.
HTTP request modification method
When you use the HTTP (SafeSearch) or HTTPS (SafeSearch with decryption) services, the Engine modifies the search request by adding a restriction parameter to the search URL. For safe search enforcement to apply to HTTPS, TLS inspection must be configured, and you must enable decryption in the Access rule for HTTPS traffic. The Microsoft Bing and Yahoo search engines are supported.