Browser Games sperren UTM

UTM will filter on every URL that it sees, including embedded content references.  It will block any web component that does not have an acceptable category or reputation.

If a URL uses HTTPS, and decrypt-and-scan is off, you can only filter on the FQDN because the path and querystring are in the encrypted portion of the packet.   For granular control, you must enable decrypt-and-scan, which has its own management headaches but is probably necessary to achieve what you want.  When decrypt-and-scan is enabled, or when the site is http, UTM applies categories based on the FQDN and path, since some sites serve many purposes.

I recommend blocking "uncategorized" sites, then applying an override category as needed for URLs that are acceptable.   The number of websites is nearly infinite, so any categorization database will be incomplete.   The bad guys are known to change their web identity regularly, so an uncategorized site has an increased risk of being hostile.

When applying a category override, use a Website object applied to either the FQDN, or applied to the organization (by specifying the domain name and choosing "apply to subdomains".)

I also suggest you use "remove embedded objects" by default (Filter Action, Antivirus tab).  This partially blocks Java, Flash, and ActiveX.  Then create an exception to enable them for acceptable categories. The block is imperfect.  It blocks components referenced with an <object> tag, but cannot block components launched dynamically from javascript code.  My theory is that some games may need to use these components, but the component may not be known to the categorization database as a game.  Besides, Java and Flash have a long history of security problems.   ActiveX can/should be controlled with the ActiveX installer service and Group Policies.

I do not recommend disabling Javascript.  Nearly every website will break.

Get a (free) account on TrustedSource.org and submit category corrections there (database is McAfee SmartFilter 4.2 (XL-1).  They will re-evaluate a website in a day and send you results by email.  Once you have their results, you can either apply manual overrides to UTM, or wait for them to appear automatically in UTM after a delay (of up to a week).   Submitting corrections to the Sophos webpage starts the same process, but the user interface is inferior and you do not receive any feedback.

UTM will filter on every URL that it sees, including embedded content references.  It will block any web component that does not have an acceptable category or reputation.

If a URL uses HTTPS, and decrypt-and-scan is off, you can only filter on the FQDN because the path and querystring are in the encrypted portion of the packet.   For granular control, you must enable decrypt-and-scan, which has its own management headaches but is probably necessary to achieve what you want.  When decrypt-and-scan is enabled, or when the site is http, UTM applies categories based on the FQDN and path, since some sites serve many purposes.

I recommend blocking "uncategorized" sites, then applying an override category as needed for URLs that are acceptable.   The number of websites is nearly infinite, so any categorization database will be incomplete.   The bad guys are known to change their web identity regularly, so an uncategorized site has an increased risk of being hostile.

When applying a category override, use a Website object applied to either the FQDN, or applied to the organization (by specifying the domain name and choosing "apply to subdomains".)

I also suggest you use "remove embedded objects" by default (Filter Action, Antivirus tab).  This partially blocks Java, Flash, and ActiveX.  Then create an exception to enable them for acceptable categories. The block is imperfect.  It blocks components referenced with an <object> tag, but cannot block components launched dynamically from javascript code.  My theory is that some games may need to use these components, but the component may not be known to the categorization database as a game.  Besides, Java and Flash have a long history of security problems.   ActiveX can/should be controlled with the ActiveX installer service and Group Policies.

I do not recommend disabling Javascript.  Nearly every website will break.

Get a (free) account on TrustedSource.org and submit category corrections there (database is McAfee SmartFilter 4.2 (XL-1).  They will re-evaluate a website in a day and send you results by email.  Once you have their results, you can either apply manual overrides to UTM, or wait for them to appear automatically in UTM after a delay (of up to a week).   Submitting corrections to the Sophos webpage starts the same process, but the user interface is inferior and you do not receive any feedback.