Video Screencast Help
Scheduled Maintenance: Symantec Connect is scheduled to be down Saturday, April 19 from 10am to 2pm Pacific Standard Time (GMT: 5pm to 9pm) for server migration and upgrade.
Please accept our apologies in advance for any inconvenience this might cause.

Block a particular Website

Created: 16 Feb 2012 • Updated: 16 Feb 2012 | 3 comments
This issue has been solved. See solution.

Hi

Want to block a particular website and allow specific

Regards

Comments 3 CommentsJump to latest comment

SameerU's picture

Please do the following:

For example, if you want to allow www.symantec.com (or some other website) but want to block all other web sites, you can accomplish this by creating two custom rules:

The "Allow Symantec" Rule

  1. In the Symantec Endpoint Protection Manager (SEPM) console, under the Clients view, select the Group where you want to apply this policy.
  2. Select Policies tab on right side.
  3. Double-click the Firewall policy and select Edit Shared when prompted.
  4. In the Firewall Policy window select Rules.
  5. Click the Add Blank Rule button. A blank rule is added to the list.
  6. Change the name of new rule to (for example) "Allow Symantec", and then select the appropriate Severity.
  7. Double-click in the Application cell to invoke the Application List dialog box.
  8. Select Add to invoke the Add Application dialog box and enter iexplore.exe (or firefox.exe) to allow Internet Explorer (or Firefox) to go to symantec.com.
  9. Click OK twice to return to the firewall policy window.
  10. Double-click the Host cell to invoke the Host List dialog box.
  11. With the Source/Destination option enabled, click Add from the Source section and enter the IP address or IP range of the computers to be allowed.
  12. From the Destination section, click Add, select DNS Domain from the Type drop-down list and enter *.symantec.com. Click OK twice again to return to the Firewall Policy window.
  13. Leave Service at Any and select Action to Allow.
  14. You may also enable logging by selecting Write to Traffic log from the Logging column.

The "Block All Websites" Rule

  1. In the Symantec Endpoint Protection Manager (SEPM) console, under the Clients view, select the Group where you want to apply this policy.
  2. Select Policies tab on right side.
  3. Double-click the Firewall policy and select to Edit Shared when prompted.
  4. In the Firewall Policy window select Rules.
  5. Click the Add Blank Rule button. A blank rule is added to the list.
  6. Change the name of new rule to (for example) "Block All Websites", then select the appropriate Severity.
  7. Double-click in the Application cell to invoke the Application List dialog box.
  8. Click the Add button and enter iexplore.exe (or firefox.exe) to block Internet Explorer (or Firefox) traffic to any website.
  9. Click OK twice to return to the Firewall Policy window.
  10. Double-click in the Host cell to invoke the Host List dialog box. Ensure that Source/Destination is enabled and click Add to enter the source and IP address or IP range of the computers to be blocked .
  11. Under Destination click Add and select DNS Domain from the Type drop-down list.
  12. Enter an asterisk (*).
  13. Click OK twice again to return to the Firewall Policy window.
  14. Leave Service at Any and select an Action of Block.
  15. You may also enable logging by selecting Write to Traffic log at Logging column.

Once your rules are in place, move the "Allow Symantec" rule to the top of the rule list and the "Block All Websites" rule to the number two position.
 

SOLUTION