How to Install and Configure GAT Shield on Your Domain

In this document we will cover the deployment steps of GAT Shield extension.

To start off go to the Device section of your Google Admin console.
Select Chrome Management from the left hand-side of the screen.

Next, select ‘User  & Browser settings’.

To install GAT Shield extension choose the root Org Unit or a sub-OU.

Scroll down to ‘Apps and extensions’  and click on ‘App extension page‘.

A new window will open where you select the ‘Yellow button‘ on the bottom right corner, then ‘Add the Chrome app or extension by ID‘.

A new pop up window will be displayed, select ‘From a custom URL option‘.
Enter the ID and URL of the Open User Interface or Closed User Interface extension, only one version is necessary. Click Save and Save again.

If you wish to capture webcam images when Shield rules are triggered then you will need to force install the webcam support extension using the same method in as above, just add the different ID and URL.

We recommend enabling these settings in Device Management, Chrome Management, User & Browser Settings. These settings are recommended but not mandatory.

  • In the Apps and Extensions area find the Task Manager setting and switch it to Block users from ending processes with the Chrome Task Manager.
  • In the Security area, find the setting for Incognito Mode and Disallow Incognito mode.
  • In the same section, find the setting Clear Browser History and change it to Do not allow clearing history in settings menu.

Once all of the settings are completed make sure to click on Save.

Two versions of GAT Shield Extension Explained

The Open User Interface Extension allows the chrome user to see their own activity information while using the Chrome browser, including where and how they are spending their time and other useful details about their Chrome environment. This version is also a recommended way for parents to monitor their child’s online activity.

The Closed User Interface will only display a grey GAT Shield icon but the end user can’t access it.

Once the Shield extension is deployed, every user who logs into their Chrome Browser with their domain credentials will have the extension automatically synced. The Chrome user cannot override this setting.

Displaying Serial Numbers in Shield Admin Console

This feature is available only for licensed enterprise enrolled devices

GAT Shield Extension ID and URL

The GAT Shield extension ID and URL information are displayed in the GAT Shield Admin Console.

1. Launch GAT+ on the top left click on GAT+ icon, a menu will be displayed – then select GAT Shield

2. Under the Help section, select Extensions Deployment – the details such as ID and URL for the different Shield extensions will be displayed.  

Note: Depending on your Firewall setup, there might be restrictions set up and not allowing traffic to Shield.
Please check your Firewall settings and allow the following URLs:

https://alert-shield.generalaudittool.com
https://urlaccess-shield.generalaudittool.com
https://shield.generalaudittool.com


These URLs must be reachable and not blocked by your Firewall.

Note: If you install Shield on Sub.OU make sure its ‘Force install Inherited from the domain‘.

When it is set up as ‘Default – Inherited from Google default‘ – Shield will not be active on the selected OU.