SonicWALL SonicWALL UTM Appliance manual Applying Application Firewall Polices to Groups/Users

Page 45

Applying Application Firewall Polices to Groups/Users

Application Firewall is a very flexible tool to manage application specific traffic. The goal of this guide is to demonstrate how Application Firewall can be applied to different groups/users. We will use Application Firewall to block domains for specific groups in this example. More examples of what Application Firewall is capable of can be found by reviewing the SonicOS Application Firewall guide here:

HTTP://www.sonicwall.com/downloads/Application_Firewall_5.1e_Feature_Module.pdf HTTP://www.sonicwall.com/downloads/SonicOS_Application_Firewall_Practical_Examples_Guide_tec hnote.pdf

Some good examples include:

Using application firewall to bandwidth limit streaming videos from youtube for the general user population, but allow IT administrators full bandwidth

Scanning documents and files for watermarks to help stem data leakage

Forbid certain file types from download or upload

Restrict HTTP post methods

And more!

Step 1: Navigate to Application Firewall. Select the check box to enable Application Firewall and IP Fragment Reassembly.

Step 2: Under Application Firewall, Navigate to Application Objects and Add a New Object. This new object will be a list of domains that we want to block.

NOTE: you can create a list of domains easily in a simple text file and then import that list.

45

Page 44 Page 46
Image 45
Page 44 Page 46
Contents Contents Page Integrating LDAP/Active Directory with Sonicwall UTM Configuring the CA on the Active Directory ServerImporting the CA Certificate onto the SonicWALL Configuring the SonicWALL Appliance for LdapPage Page Page Page Page Page Page Enable Radius to Ldap Relay Enables this feature Authentication Page Page Page Creating Firewall Rules with Ldap Groups/Users SonicOS Options That Leverage Groups/UsersPage Page Firewall Rules with Bandwidth Management & Logging Page Blocking Domains with Firewall Rules Blocking Websites Domain Names for Groups/UsersPage Page Navigate to Firewall Access Rules Create a rule to allow Http traffic for your allowed lists Do the same for Https Create the deny rules for Http and Https Firewall rules should now look like the below picture Blocking Https SSL Domains with SSL Control Configuring a SSL Blacklist and Whitelist Page Applying Different CFS Policies to Groups Page Creating Custom CFS Policies Navigate to the Policy tab and add a new CFS policy Page Page Page Http//$$fwinterface$$/$#SWLSTYLESCSS#$ Variables for Custom Block Page in SonicOSAdvanced Sample Code for SonicOS Basic Sample Code for SonicOSPage Page Sample Code for SonicOS 5.1 or Earlier Sample JavaScript Code for SonicOSApplying Application Firewall Polices to Groups/Users Page Page Page Page Tightening Control over the Browsing Behavior of Users Blocking IM Traffic Categorically Applying Granular IM Policies Global VPN Client GVC Applying VPN Access Policies to Groups/UsersPage SSL-VPN NetExtender Guest Services Wireless Guest Services
Top Page Image Contents