Video Screencast Help

Blocing of URL independent of browsers

Created: 15 Jul 2013 • Updated: 15 Jul 2013 | 8 comments
This issue has been solved. See solution.

hi guyz

i have been searching ways to block urls using symantec and i have applay polices on my SEPPM and blocked myny wensites. but i was woundering is there a way to block URLs without defining browsers ? i mean if i block www.facebook.com it is blocked on all the browsers without defining them one by one.

i am using SEPM 12.1.3.

Operating Systems:

Comments 8 CommentsJump to latest comment

Rafeeq's picture

URL blocking is not dependent on Web browser.

if facebook is blocked in IE , it will be blocked in chrome also.

blackvirus009's picture

how? because when i set a rule in firewal policy it is also asking me about the browser. 

Rafeeq's picture

Hello,

Follow these steps as You do not want the users to visit to any website except for certain sites no matter what browser they use.

Solution

The above configuration can be done by creating only 2 firewall rules. Please follow the below steps to configure the rules.

1. Go to Firewall policy > Rules.

2. Click on Add Rule button. Select Host > Next > From Address Type drop down menu select DNS domain.

3. Select DNS Domain as *.* then Click Next > Click Finish.

4. Once the rule is created, highlight the New Rule. Go to Service column, right click and edit, then select Add. The rule will be TCP, Source/destination with remote port 80,443 click ok and ok again. Then go to Action column and make it set to "Block".

The above rule is to block all the websites. To create a rule to allow only selected websites, please follow the steps below.

1. Go to firewall policy> Rules.

2. Click on Add Rule. Select Host > Next > From Address Type drop down menu select DNS domain.

3. Enter DNS Domain as *.*symantec*.* This is an example which means all the urls related to symantec will be allowed.

4. Click Next > Click Finish. Multiple websites can be added to the same rule.

5. Once the rule is created, highlight the new rule. Go to Action column and make it to Allow.

Note: Place the "Allow" rule on top of "Block" rule.

Assign the policy to the required group. This will allow only the selected website and block all other website.

Hope that helps!!

SOLUTION
blackvirus009's picture

ok now i will take it in different direction. will it work if i allow all the sites accept one site?

Rafeeq's picture

Yes it will. Have you tried doing the same with IPS 

To use custom IPS, use the following syntax:

rule tcp, dest=(0), saddr=&LOCALHOST, msg="Website Blocked", content="example.com"

You may need to change the dest=(0) to whatever port such as 80 or 443, assuming you use the standard web browsing port.

blackvirus009's picture

no i havent tried the IPS yet.

by the way i was using SEPM 11.0.6 upuntil now but in SEPM 12.1.3 the ruke defining is different ,. it havent asked me about the host or ip whn i click next as it was in 11.0.6. 

Rafeeq's picture

try the option and let us know if u have any issues.