Video Screencast Help

block sites

Created: 24 Apr 2012 • Updated: 04 May 2012 | 3 comments
This issue has been solved. See solution.

I have created one group for limited access user.

I need to block the gmail, ymail and some other site for that group user's.

pls confirm is it possible?

if possible then how to do this setting.

Comments 3 CommentsJump to latest comment

oykunsatis's picture

Hello,

It's possible and you can do this with firewall policies from SEP Manager.

You can do this with step by step guide below;

http://www.symantec.com/business/support/index?page=content&id=TECH92097

 

Regards,

Oykun

Mithun Sanghavi's picture

Hello,

A Quick Note: It is important to have the Application and Device control and Firewall Installed on each Client machine. 

Here are few Articles for the same:

How to Restrict Users to Specific Web Sites by Creating Firewall Rules for Managed Clients
 
 
How to block all website and allow only certain websites using Network Threat Protection Firewall rule.
 
 
How To Block Internet address via Sep Manager Firewall Rule
 

 

There are few Threads on the same issue as well, I would suggest a quick look into the same.

https://www-secure.symantec.com/connect/forums/block-web-sites

https://www-secure.symantec.com/connect/forums/custom-ips-signature-website-blocking

https://www-secure.symantec.com/connect/forums/how-block-access-specific-websites-both-url-and-ip-address

https://www-secure.symantec.com/connect/forums/website-blocking-custom-ips-signatures

 

Hope that helps!!

Mithun Sanghavi
Senior Consultant
MIM | MCSA | MCTS | STS | SSE | SSE+ | ITIL v3

Don't forget to mark your thread as 'SOLVED' with the answer that best helped you.

SOLUTION
Baljeet's picture

 

Solution: NOTE: This rule is created to block Google,this rule can be used to block any website that is needed by making changes accordingly.
NOTE: The following steps require that you have Network Threat Protection and Intrusion Prevention installed on the client. 

In the SEPM console, in the system navigation bar, click Policies
In the View Policies navigation bar, select Intrusion Prevention
In the Tasks list, click Add a Custom Intrusion Prevention Signatures.
In the Custom Intrusion Prevention Signatures window, set the Name of the policy to Block Google (just an example, you can choose the website that you need to block).

Under the Signature tab, in the Signature Groups section, click Add
In the Intrusion Prevention Signature Group dialog, add the Group Name and Description as shown below, and then click OK.
Group Name: Block Google 
Highlight the newly created Signature Group (Block Google), then in Signature for this Group section, click Add
In the Add Signature window, fill in the following information shown below:

In the Content section add the following text:

rule tcp, dest=(80), msg="GOOGLE BLOCKED", content="www.google.com"

Under the Action section do the following:

Click OK to close the Add Signature window. 
Click OK to close the Custom Intrusion Prevention Signatures window. 
When prompted to assign the policy, click Yes
In the Assign Intrusion Prevention Policy window, click the Global group, and then click Assign.

Click Yes to confirm policy changes. 
Click OK to close the Intrusion Prevention Policies Changes dialog. 
BLOCK GOOGLE policy now appears in the console under Intrusion Prevention Policies.

Note: If a site is being blocked and you want to allow it you can use the same steps but under action select allow.

 

Open the following link to get the more information:-

http://service1.symantec.com/SUPPORT/ent-security.nsf/2326c6a13572aeb788257363002b62aa/9c561a4628b3c9a44925747f007b19cd?OpenDocument

Regard's

Baljeet Singh

9910125805