SonicWALL SonicWALL UTM Appliance manual Blocking Websites Domain Names for Groups/Users

Page 22

NOTE: You can create a firewall rule for any given user/group and restrict that group’s overall bandwidth for any network service/protocol. Consider also using Application Firewall which allows more granular control of bandwidth policies.

Blocking Websites (Domain Names) for Groups/Users

Enhanced SonicOS has a few mechanisms at your disposal to block websites from users, such as:

•FW rules

•Application Firewall (all NSA models and PRO series 3060 or higher)

•Content Filter Service (CFS)

•SSL Control

Blocking Domains with Firewall Rules

To block domains with FW rules, you must first create an address object (AO) for the fully qualified domain name (FQDN). In the following example, we will create an AO for google.com and yahoo.com. After those have been created, we will put those AOs in an AO Group. Less work is involved by creating FW rules for AO Groups instead of individual address objects.

For more details on how to create AO by using FQDN objects or MAC addresses, refer to the follow paper: Dynamic Objects HTTP://www.sonicwall.com/downloads/Dynamic_Address__Objects_FM.pdf

Step 1: Create an AO for google.com by navigating to Network > Address Objects.

22

Image 22

Contents Contents Page Configuring the CA on the Active Directory Server Integrating LDAP/Active Directory with Sonicwall UTMConfiguring the SonicWALL Appliance for Ldap Importing the CA Certificate onto the SonicWALLPage Page Page Page Page Page Page Enable Radius to Ldap Relay Enables this feature Authentication Page Page Page SonicOS Options That Leverage Groups/Users Creating Firewall Rules with Ldap Groups/UsersPage Page Firewall Rules with Bandwidth Management & Logging Page Blocking Websites Domain Names for Groups/Users Blocking Domains with Firewall RulesPage Page Navigate to Firewall Access Rules Create a rule to allow Http traffic for your allowed lists Do the same for Https Create the deny rules for Http and Https Firewall rules should now look like the below picture Blocking Https SSL Domains with SSL Control Configuring a SSL Blacklist and Whitelist Page Applying Different CFS Policies to Groups Page Creating Custom CFS Policies Navigate to the Policy tab and add a new CFS policy Page Page Page Variables for Custom Block Page in SonicOS Http//$$fwinterface$$/$#SWLSTYLESCSS#$Basic Sample Code for SonicOS Advanced Sample Code for SonicOSPage Page Sample JavaScript Code for SonicOS Sample Code for SonicOS 5.1 or EarlierApplying Application Firewall Polices to Groups/Users Page Page Page Page Tightening Control over the Browsing Behavior of Users Blocking IM Traffic Categorically Applying Granular IM Policies Applying VPN Access Policies to Groups/Users Global VPN Client GVCPage SSL-VPN NetExtender Guest Services Wireless Guest Services