Endpoint Protection

  • 1.  Help with the SEP 12.1 Firewall.

    Posted Oct 26, 2011 08:27 AM

     


    I need to create a policy to block the use of the Internet by customers with SEP 12.1, but it's not working.

    Whenever I create a new policy, it does not only block the Internet but blocks everything (remote access, shared folders on the network, etc.). What I want is to block the Internet, only the Internet.

    Anyone have any tips?


  • 2.  RE: Help with the SEP 12.1 Firewall.

    Posted Oct 26, 2011 08:58 AM

    Is that what you're trying to block?

    If you take your 'Block All' rule, and change the 'Service' field to 'HTTP Server', the rule should then block the default TCP ports used for web-browsing. Note that these ports are likely different if you use a proxy.



  • 3.  RE: Help with the SEP 12.1 Firewall.

    Posted Oct 26, 2011 09:29 AM

    Hi, you can create a new rule and place it at the top level. You have to apply the rule to both inbound and outbound connections, for all applications, for all traffic with remote port "80".

    After doing that, if you want to allow a specific site, a proxy, or an application that works on an Internet port (e.g. Dropbox), you can create a specific allow rule and place it above the block rule.

    Tell me if you have more questions.



  • 4.  RE: Help with the SEP 12.1 Firewall.

    Posted Oct 26, 2011 09:04 PM

    Sorry, I do not understand.
    For example, at work I have the proxy server on port 1234. How should I configure the firewall rule to block the Internet? Or some specific site: *.facebook.com

    If in Service I put 80 HTTP: 8080, it does not work and does not block anything.

    If I put ANY in Service, it blocks everything... (WEB [All Sites], REMOTE ACCESS, Shared Folders).

    I apologize for not having understood.



  • 5.  RE: Help with the SEP 12.1 Firewall.



  • 6.  RE: Help with the SEP 12.1 Firewall.

    Posted Oct 27, 2011 04:49 AM

    If you want to block all sites, you have to create a new service and specify TCP remote port 80. From the KB:

    "Once the rule is created, highlight the New Rule. Go to Service column, right click and edit, then select Add. The rule will be TCP, Source/destination with remote port 80,443 click ok and ok again. Then go to Action column and make it set to "Block"."

     

    If you want to block only one site, create a rule for all services, and in Host specify "DNS host" like this: *.*facebook*.*

    If you want to block all sites except some, you can create the rule to block all and, above this rule, make a new allow rule with the URL you want to unblock as the DNS host.
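
The rule layout discussed in this thread, as an added example that is not part of the original posts and is not Symantec code: a simplified model of a port-based block rule with a specific allow rule above it, assuming first-match, top-down evaluation as the advice about rule order implies. The host names, rule names, the glob matching and the default action are constructed assumptions; port 1234 is the proxy port mentioned in post 4.

```python
from dataclasses import dataclass
from fnmatch import fnmatchcase


@dataclass(frozen=True)
class Rule:
    name: str
    action: str                      # "allow" or "block"
    remote_ports: frozenset = frozenset()  # empty set = any remote port
    host_pattern: str = "*"          # simplified glob on the remote DNS name

    def matches(self, host: str, port: int) -> bool:
        port_ok = not self.remote_ports or port in self.remote_ports
        return port_ok and fnmatchcase(host.lower(), self.host_pattern)


def evaluate(rules, host, port, default="allow"):
    """First matching rule wins; `default` stands for the rest of the policy."""
    for rule in rules:
        if rule.matches(host, port):
            return rule.action, rule.name
    return default, "(no rule matched)"


WEB = frozenset({80, 443})
# Constructed rule set: specific allow rule placed above the web block rule.
RULES = [
    Rule("Allow intranet wiki", "allow", WEB, "*.example.internal"),
    Rule("Block web", "block", WEB),
]
# Constructed connections (hypothetical host names).
CONNECTIONS = [
    ("www.facebook.com", 443),             # direct web browsing
    ("wiki.example.internal", 80),         # site exempted by the allow rule
    ("fileserver.example.internal", 445),  # shared folders (SMB)
    ("desktop7.example.internal", 3389),   # remote access (RDP)
    ("proxy.example.internal", 1234),      # browser talking to the proxy
]


def report(rules):
    return {conn: evaluate(rules, *conn) for conn in CONNECTIONS}


if __name__ == "__main__":
    for (host, port), (action, rule) in report(RULES).items():
        print(f"{host}:{port:<5} {action:<5} via {rule}")
```

Shared folders and remote access fall through because the block rule names only ports 80 and 443. The connection to the proxy on port 1234 falls through as well, since the client-side rule sees only the proxy's port and not the web port behind it.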