This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Web Protection

HI

i am running Sophos UTM home edition in an active directory
How can i block few websites for a user or group
i am able to block for all users but not for single user or group.
Running in transparent mode.

Thanks & Regards
Tony

This thread was automatically locked due to age.

0 Ol Deda over 12 years ago

in Definitions & Users create a new group
name:AD to Block
Group Type: Backend Membeship
query the AD and select the group you created in AD with users to block

Now you can use the group "AD to Block" in any environment in WebProxy for testing
If you are unable to block you have to use "Profile Mode"

p.s Creating two groups in AD "WebAllow" and "WebDeny" will be more easier to manage users in AD and not in UTM next time.
Cancel
Vote Up 0 Vote Down

Cancel
0 BAlfson over 12 years ago

Hi, Tony, and welcome to the User BB!

Configuring HTTP/HTTPS proxy access with AD SSO with a Sophos UTM should help you implement Olsi's suggestion.

Cheers - Bob
Cancel
Vote Up 0 Vote Down

Cancel
0 newage over 12 years ago in reply to Ol Deda

in Definitions & Users create a new group
name:AD to Block
Group Type: Backend Membeship
query the AD and select the group you created in AD with users to block

Now you can use the group "AD to Block" in any environment in WebProxy for testing
If you are unable to block you have to use "Profile Mode"

p.s Creating two groups in AD "WebAllow" and "WebDeny" will be more easier to manage users in AD and not in UTM next time.

How to do it in profile mode

also "Now you can use the group "AD to Block" in any environment in WebProxy for testing"
where is the web proxy all i see is web filtering, web filtering profiles, application control and ftp
and under web filtering Global to Https CAs
Cancel
Vote Up 0 Vote Down

Cancel
0 Ol Deda over 12 years ago

My mistake, webproxy we call the Web Protection
Cancel
Vote Up 0 Vote Down

Cancel
0 newage over 12 years ago in reply to Ol Deda

My mistake, webproxy we call the Web Protection

How to do in profile mode
Cancel
Vote Up 0 Vote Down

Cancel
0 Ol Deda over 12 years ago

In the article writed by Bob it is well explained the AD sync and Profile mode
Remeber the goal is the AD query (sync) first
Cancel
Vote Up 0 Vote Down

Cancel
0 newage over 12 years ago in reply to Ol Deda

Profile mode is not explained
Cancel
Vote Up 0 Vote Down

Cancel
0 Ol Deda over 12 years ago

There is a schema in Utm, that is the logic of Profile mode
The request is handled by this order
Group: alllow all
group: allow some
Group deny all

Default profile: no internet

Focus on AD syncronization first
Cancel
Vote Up 0 Vote Down

Cancel
0 BAlfson over 12 years ago

There's another document that several of us here have worked on, "Configure HTTP Proxy for a Network of Guests," that might help you understand how to do what you want - send an email to my username here @ the domain name in my signature if you would like for me to send that to you.

Cheers - Bob
Cancel
Vote Up 0 Vote Down

Cancel