SonicWALL SonicWALL UTM Appliance manual Blocking IM Traffic Categorically

Page 51

Turn on Gateway AV and Antispyware – turn all settings on.

If you really want to block everything, the most drastic step you can take is to unplug the firewall from the wall.

Applying Intrusion Prevention Service Signatures to Groups/Users

There are 2 different methods of leveraging IPS signatures. The first method is with Application Firewall. Since we’ve already covered Application Firewall in some detail, we’ll move right into IPS signature management for groups/users.

Step 1: Navigate to Security Services > Intrusion Prevention. Make sure to enable IPS, and then enable IPS for your respective Zones.

With IPS, you can categorically Prevent and/or Detect different types of undesirable traffic. IPS classifies signatures into 3 different categories - High, Medium, and Low. For a more granular approach to signature management, disable the signature category setting and then manage signatures at the group or individual level. In this first example, we will block all instant messenger traffic for a group, but allow it for others.

Blocking IM Traffic Categorically

Step 1: Select IM from the category list and click on configure.

We will block all IM traffic for our Test Active Directory Group and exclude Administrators from this setting.

51

Image 51
Contents Contents Page Integrating LDAP/Active Directory with Sonicwall UTM Configuring the CA on the Active Directory ServerImporting the CA Certificate onto the SonicWALL Configuring the SonicWALL Appliance for LdapPage Page Page Page Page Page Page Enable Radius to Ldap Relay Enables this feature Authentication Page Page Page Creating Firewall Rules with Ldap Groups/Users SonicOS Options That Leverage Groups/UsersPage Page Firewall Rules with Bandwidth Management & Logging Page Blocking Domains with Firewall Rules Blocking Websites Domain Names for Groups/UsersPage Page Navigate to Firewall Access Rules Create a rule to allow Http traffic for your allowed lists Do the same for Https Create the deny rules for Http and Https Firewall rules should now look like the below picture Blocking Https SSL Domains with SSL Control Configuring a SSL Blacklist and Whitelist Page Applying Different CFS Policies to Groups Page Creating Custom CFS Policies Navigate to the Policy tab and add a new CFS policy Page Page Page Http//$$fwinterface$$/$#SWLSTYLESCSS#$ Variables for Custom Block Page in SonicOSAdvanced Sample Code for SonicOS Basic Sample Code for SonicOSPage Page Sample Code for SonicOS 5.1 or Earlier Sample JavaScript Code for SonicOSApplying Application Firewall Polices to Groups/Users Page Page Page Page Tightening Control over the Browsing Behavior of Users Blocking IM Traffic Categorically Applying Granular IM Policies Global VPN Client GVC Applying VPN Access Policies to Groups/UsersPage SSL-VPN NetExtender Guest Services Wireless Guest Services