Video Screencast Help

URL Filtering Exceptions

Created: 06 May 2010 • Updated: 07 Nov 2010 | 1 comment
Luís Ramos's picture

HI All,

I want to create URL filtering exceptions on my web gateway 8450.
My idea is to for example, deny access to site aaa.com except for users/group that I explicit mencioned (user/group that exist in Active Directory); I have to install the Domain Controller Interface, right?
Can someone tell me if this is compatible with 2008 Domain Controllers?

Many thanks,

Luis

Discussion Filed Under:

Comments 1 CommentJump to latest comment

KevK76's picture

Hi Luis,

So certainly what you want to do here is create a new group policy to apply to the specific users or computers you want here.  You can do this based on IP or subnet, but if you do want to do this based on AD user, group, or OU then you'll need to integrate with AD. 

If looking to integrate with AD you have two options using DC Interface as you mentioned, or using NTLM Authentication(you can find documentation on both methods in the Implementation Guide).

If you have under a few thousand users and not so many domain controllers, I'd probably recommend DC Interface(you will need to install an agent to all DC's in the environment).

It sounds like the url you are talking about is blocked by a certain group you are blocking for everyone at the moment?

Once you get everything setup, you then have a few options, you can allow access to this ulr group in the new group policy, or you can create a content filtering exception for the specific url at the bottom of the policy.

AD 2008 is supported by both DC Interface and NTLM Authentication, however only in recent versions, so make sure you running the latest version(most recent is 4.5.3.38).

That's a start for you anyway.

Kevin