Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 6 replies
  • Answers 1 answer
  • Subscribers 29 subscribers
  • Views 7004 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Allowing All Web Traffic Except Social Media Sites

Asheer Hasan

Hi All,

Is there anybody can help me out to create some specific rules in firewall which will allow all web traffic except social media sites?

 

 

Thanks,

Asheer Hasan



This thread was automatically locked due to age.
Parents
  • 0

    Hi,

    please provide a more detailed request? Also are you home or business user?

    Also recommend you search the KBA for assistance so you learn more about your security device.

    Ian

  • 0 in reply to rfcat_vk

    Hi Ian,

    Thanks for your prompt reply. I am a business user of Cyberoam but we're going to move on SOPHOS soon.  Below point will give you the clear picture of my requirement.

    1: I have to allow all web traffic for one department except social media sites but there is one challenge in this , LinkedIn traffic should be allowed and accessible for all users which lies on that department.

    I hope you got my requirements and assist me on the same.

     

    Thanks,

    Asheer

  • 0 in reply to Asheer Hasan

    Hi,

    I can give you some rough guidance, but I suspect you will be better off calling in a specialist or at least your reseller.

    Assumption you are using an AD to authenticate your users.

    You will need a couple of firewall rules based on your authentication groups.

    You will need some web policies and application policies.

    From here I can only guess what other software you will need?

    Ian

  • 0 in reply to Asheer Hasan

    Yes you can configure like this.  There are a few different ways to do it.

    One way would be:

    A single firewall rule for all HTTP/HTTPS traffic, with match known users, show captive portal, applies to all.  Then select a specific Web Policy.

    Within the Web Policy have

    Applies to: HR Department   Category: Job Search   Action: Allow
    Applies to: All Users   Category: Job Search   Action: Block

    The policy is read top-down.  So anyone in HR has access to Job Search.  Or Linked In.  Or whatever.

    To be more specific you can create a URL group or Custom Category for Linked In, containing the domains you want to allow.  Then in the first rule, include that.  In the second rule, Block all Social Networking and Job Search (or whatever categories).

     

    One of the main differences is in Cyberoam all user/group selection is done in the firewall rule.  Although Sophos XG supports that (and you will be migrated to that if you perform an upgrade), XG also support a more powerful set of user/group matching within a single web policy.

Reply
  • 0 in reply to Asheer Hasan

    Yes you can configure like this.  There are a few different ways to do it.

    One way would be:

    A single firewall rule for all HTTP/HTTPS traffic, with match known users, show captive portal, applies to all.  Then select a specific Web Policy.

    Within the Web Policy have

    Applies to: HR Department   Category: Job Search   Action: Allow
    Applies to: All Users   Category: Job Search   Action: Block

    The policy is read top-down.  So anyone in HR has access to Job Search.  Or Linked In.  Or whatever.

    To be more specific you can create a URL group or Custom Category for Linked In, containing the domains you want to allow.  Then in the first rule, include that.  In the second rule, Block all Social Networking and Job Search (or whatever categories).

     

    One of the main differences is in Cyberoam all user/group selection is done in the firewall rule.  Although Sophos XG supports that (and you will be migrated to that if you perform an upgrade), XG also support a more powerful set of user/group matching within a single web policy.

Children