
Block all traffic except gmail.

Hi Mates,

 

I want to block all traffic except Gmail. I want access only to Gmail, and I want to block everything else. Can anyone make a suggestion, or is there a link or article that anyone can share?

 



  • I want to block each and everything, even if it's a software update. Gmail is web-based.

  • Hi, the rule will look a bit like this

    source LAN network any

    destination WAN network *.gmail.com

    protocol https http

    scan http, ftp, block QUIC

    log

    IPS LAN to WAN

    WEB - allow

    application - Allow

    The application and web can be tuned later if need be.

    MASQ

    How do you plan to handle the websites contained within mail messages?

    Ian

  • I doubt that you will have much success with this. Allowing access to *.gmail.com will not work, because Gmail is hosted on many different domain names (none of which is gmail.com, by the way), and you did not put in a rule that would block the rest (everything but Gmail).

    I would rather use Application Filtering here. E.g. have an App Filter profile that only allows Gmail (which exists as an App in the database) and then add a second rule below that denies any any all. 

  • Hi,

    While you might be correct about gmail.com, you do not require a block rule. By default XG blocks all traffic until you create an allow rule.

    Instead of *.gmail.com use smtp.gmail.com and imap.gmail.com.

    Ian

     

    Another thought: try accounts.google.com. The URLs I posted above only work if you have a mail client.

  • Easiest way to do this is with a firewall rule that only allows port 80/443.

    Then open up the developer tools of your browser and check what domains Gmail uses. Add these to a whitelist and block all other traffic.

  • That is actually not the easiest method as it is unreliable and needs constant attention (updating it every time Google adds new URLs, which is quite common). 

    The easiest, most reliable option is to use Application Filtering. Sophos are doing the work for you. App Filtering is able to detect Gmail in your traffic, no matter the URL. Create an App Filter profile with two rules: one rule denies everything, and another rule uses a smart filter with the word "gmail" and is set to allow. Put that app filter profile in a firewall rule and you're all set.

    Since we're using a smart filter here, the filter will automatically update when new application signatures containing the word "gmail" are made available.

    You probably won't have to touch that rule ever again after setting it once.
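
An added example, not written by any poster in this thread and not Sophos code: it audits a browser developer-tools capture (HAR export) against a default-deny hostname allowlist, showing which hosts a `*.gmail.com` wildcard would leave blocked. The HAR sample is constructed and not a complete list of Gmail hosts, the function names are hypothetical, and shell-style wildcard matching is assumed as a stand-in for the firewall's own FQDN matching.

```python
import json
from fnmatch import fnmatchcase
from urllib.parse import urlsplit

# Constructed sample: a trimmed HAR export (developer tools, Network tab).
# The hostnames are illustrative, not a complete list of what Gmail loads.
SAMPLE_HAR = json.dumps({"log": {"entries": [
    {"request": {"url": "https://mail.google.com/mail/u/0/"}},
    {"request": {"url": "https://accounts.google.com/ServiceLogin"}},
    {"request": {"url": "https://ssl.gstatic.com/ui/v1/icons/mail/logo.png"}},
    {"request": {"url": "https://mail.google.com/mail/u/0/?ui=2"}},
    {"request": {"url": "https://fonts.gstatic.com/s/roboto/font.woff2"}},
]}})


def hosts_from_har(har_text):
    """Return the sorted, de-duplicated hostnames requested in a HAR capture."""
    entries = json.loads(har_text)["log"]["entries"]
    hosts = set()
    for entry in entries:
        host = urlsplit(entry["request"]["url"]).hostname
        if host:
            hosts.add(host.lower().rstrip("."))
    return sorted(hosts)


def allowed(host, patterns):
    """Default deny: a host passes only if it matches an allowlist pattern."""
    return any(fnmatchcase(host.lower(), p.lower()) for p in patterns)


def audit(har_text, patterns):
    """Split the captured hosts into (allowed, blocked) under the allowlist."""
    hosts = hosts_from_har(har_text)
    ok = [h for h in hosts if allowed(h, patterns)]
    blocked = [h for h in hosts if not allowed(h, patterns)]
    return ok, blocked


if __name__ == "__main__":
    # Compare the wildcard from the thread with a hand-extended allowlist.
    for patterns in (["*.gmail.com"],
                     ["*.gmail.com", "mail.google.com", "accounts.google.com"]):
        ok, blocked = audit(SAMPLE_HAR, patterns)
        print(patterns, "-> allowed:", ok, "| blocked:", blocked)
```

Re-running the audit on a fresh capture after each change to the allowlist shows which hosts still fall through to the default deny.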