Tips on how best to block web access from Mac hosts

Question

Running latest xg firmware is on Intel core 2 duo with 4 gb ram. 
 Curious to know how best to block access from certain Mac hosts/list using an access time? 
 Running a basic setup, would simply like to block kids iOS devices during the week and enable Chromebook web access for homework time. 
 Currently using firewall policies at top of list ... But didn't see where I could use access times?? Eg deny during homework time ...custom access time 
 Still trying to learn the ropes with xg firewall after spending a little over a year with UTM 9 
 Thanks

AzRoN · Accepted Answer

There's no operating system based access controls you can append to rules, instead you should define 'clientless' objects within your XG with the kids devices' MAC addresses associated to each different clientless object. 
 Now that you've identified each unique device you can associate these devices within your security rules to block or allow them during certain times. 
 Additionally, within your Security Rules, within the 'Source' definition section you can associate a 'During Scheduled Time' element which will enforce the rule during the times you define. There are many presets you can use (for example, work hours, weekends) but you can add one to your liking. 
 You should be then able to build rules that block your kids iOS device during home work time (LoL - poor kids) and then only allow then to use other approved devices... 
 Good luck with your kids, I hope they don't have physical access to the XG as I'm sure they'll kick it and then blame the family pet ;) Mine did...

sachingurung · Answer

Hi, 
 Configure a FW-rule, define MAC address in the Source Zone and the Scheduled time for the rule to be active. Place the rule on top. 
 
 You can also configure the custom filter actions to allow and deny specific categories. 
 I would like to mention that instead of completely relying upon XG to take care of restrictions, you must step in and personally keep an eye. 
 Thanks