Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

Blocking applicaton using firewall rules

Created: 04 Jun 2010 | 7 comments

trying to block yahoo messenger using firewall rules, but s not workng. Attaching a screenshot of firewall rules for analysis.

Comments 7 CommentsJump to latest comment

Rafeeq's picture

for any rules to work you need to have all the three components installed
av/as
ptp
ntp
try using application and device control to block messenger
all the rules are mentioned here; give it a try will work
https://www-secure.symantec.com/connect/forums/block-applications-yahooskypegtalk-etc-using-application-and-device-control-policy#comment-3317971

kalyan makkena's picture

Accept that application device control policy is effective, but i cannot block it according to particular time, say after office hours i cannot enable them back, so i am looking at firewall rules.

P_K_'s picture

Move the rule to the top and see if  that helps.

MCT MCSE-2012 Symantec Technical Specialist (SCTS)

Hadi's picture

Hi
IPS policy is the better way for blocking yahoo messenger. to do that please follow the instruction:
in the policies menu> Intrusion Prevention> Add an intrusion prevention Policy> enter a name for policy and then go to exceptions menu> Click on Add button> Find "Yahoo IM Login" and select it> Click next and select Block as action. then save the policy and assign it to the group.

curtiplas's picture

Why may I ask do you want to disable messenger during work hours, instead of at all times?

Moin_Sobhan's picture

Hello there,

The easiest way to do this using Firewall rule is as below:

1. Create a Blank Rule and name it as Block Yahoo
2. Double click on Host List (where Local/Remote option box is checked)
3. Under "Remote hosts that apply to the firewall rule:" click Add button
4. From "Type" dropdown list select "DNS domain"
5. Under "DNS Domain" test field type as below:

*.yahoo.com

6. Click OK and then click OK again
7. From the "Action" set it to Block
(You can also set the logging to traffic log so that you can check if the Firewall Blocked it)

8. Assign the policy to the desired Group.

Note: Your clients wouldn't be able to browse www.yahoo.com as well. But there is many other ways you can do it.

Should be all good.

Moin