How to block Proxy address using SEPM 12 RU2
Created: 13 Feb 2013 | Updated: 14 Feb 2013 | 4 comments
This issue has been solved. See solution.
Hello,
I have been given two proxies to see whether it can be blocked through SEPM 12 RU2. How to block this? I understand we can block websites using Firewall rule, but what about proxies:
Pro.matt1.net:9999
96.239.90.60:8164
Discussion Filed Under:
Comments 4 Comments • Jump to latest comment
Do you want to block the ports? 9999 and 8164 only or do you want to block by the IP and hostname?
You can create a firewall rule to block those remote ports or even by the hostname and specific IP address you listed
SEP Knowledge Base
Endpoint SWAT
Well, I'd like to block both the IP and hostname.
Marriage Made in Heaven
If God is for us, who can be against us? --- Romans 8:31
This should work for hostname and IP:
Blocking a Website using Symantec Endpoint Protection
Once you create the rule for the hostname, do the same steps for IP just select "IP address" instead of DNS domain
Go into your FW policy
Select Add Rule and give it a name
Select Block connection
Apply to all applications
Select "only the computers and sites listed below"
Click Add
Select DNS Domain (than select IP address to block by IP after click OK and ADD again
Leave radio button to block al types of communication
Select if you want to log or not
Click Finish and move to top
SEP Knowledge Base
Endpoint SWAT
Check this also
The above configuration can be done by creating only 2 firewall rules. Please follow the below steps to configure the rules.
1. Go to Firewall policy > Rules.
2. Click on Add Rule button. Select Host > Next > From Address Type drop down menu select DNS domain.
3. Select DNS Domain as *.* then Click Next > Click Finish.
4. Once the rule is created, highlight the New Rule. Go to Service column, right click and edit, then select Add. The rule will be TCP, Source/destination with remote port 80,443 click ok and ok again. Then go to Action column and make it set to "Block".
The above rule is to block all the websites. To create a rule to allow only selected websites, please follow the steps below.
1. Go to firewall policy> Rules.
2. Click on Add Rule. Select Host > Next > From Address Type drop down menu select DNS domain.
3. Enter DNS Domain as *.*symantec*.* This is an example which means all the urls related to symantec will be allowed.
4. Click Next > Click Finish. Multiple websites can be added to the same rule.
5. Once the rule is created, highlight the new rule. Go to Action column and make it to Allow.
Note: Place the "Allow" rule on top of "Block" rule.
Assign the policy to the required group. This will allow only the selected website and block all other website.
Thanks In Advance
Ashish Sharma
SEPM Knowledgebase Documents
Would you like to reply?
Login or Register to post your comment.