Endpoint Protection

 View Only

  • 1.  block sites

    Posted Apr 24, 2012 05:13 PM

    I have created one group for limited access user.

    I need to block the gmail, ymail and some other site for that group user's.

    pls confirm is it possible?

    if possible then how to do this setting.



  • 2.  RE: block sites

    Posted Apr 24, 2012 05:27 PM

    Hello,

    It's possible and you can do this with firewall policies from SEP Manager.

    You can do this with step by step guide below;

    http://www.symantec.com/business/support/index?page=content&id=TECH92097

     

    Regards,

    Oykun



  • 3.  RE: block sites
    Best Answer

    Trusted Advisor
    Posted Apr 24, 2012 05:35 PM

    Hello,

    A Quick Note: It is important to have the Application and Device control and Firewall Installed on each Client machine. 

    Here are few Articles for the same:

    How to Restrict Users to Specific Web Sites by Creating Firewall Rules for Managed Clients
     
     
    How to block all website and allow only certain websites using Network Threat Protection Firewall rule.
     
     
    How To Block Internet address via Sep Manager Firewall Rule
     

     

    There are few Threads on the same issue as well, I would suggest a quick look into the same.

    https://www-secure.symantec.com/connect/forums/block-web-sites

    https://www-secure.symantec.com/connect/forums/custom-ips-signature-website-blocking

    https://www-secure.symantec.com/connect/forums/how-block-access-specific-websites-both-url-and-ip-address

    https://www-secure.symantec.com/connect/forums/website-blocking-custom-ips-signatures

     

    Hope that helps!!



  • 4.  RE: block sites

    Posted May 01, 2012 02:39 AM

     

    Solution: NOTE: This rule is created to block Google,this rule can be used to block any website that is needed by making changes accordingly.
    NOTE: The following steps require that you have Network Threat Protection and Intrusion Prevention installed on the client. 

    In the SEPM console, in the system navigation bar, click Policies
    In the View Policies navigation bar, select Intrusion Prevention
    In the Tasks list, click Add a Custom Intrusion Prevention Signatures.
    In the Custom Intrusion Prevention Signatures window, set the Name of the policy to Block Google (just an example, you can choose the website that you need to block).



    Under the Signature tab, in the Signature Groups section, click Add
    In the Intrusion Prevention Signature Group dialog, add the Group Name and Description as shown below, and then click OK.
    Group Name: Block Google 
    Highlight the newly created Signature Group (Block Google), then in Signature for this Group section, click Add
    In the Add Signature window, fill in the following information shown below:




    In the Content section add the following text:

    rule tcp, dest=(80), msg="GOOGLE BLOCKED", content="www.google.com"




    Under the Action section do the following:



    Click OK to close the Add Signature window. 
    Click OK to close the Custom Intrusion Prevention Signatures window. 
    When prompted to assign the policy, click Yes
    In the Assign Intrusion Prevention Policy window, click the Global group, and then click Assign.



    Click Yes to confirm policy changes. 
    Click OK to close the Intrusion Prevention Policies Changes dialog. 
    BLOCK GOOGLE policy now appears in the console under Intrusion Prevention Policies.

    Note: If a site is being blocked and you want to allow it you can use the same steps but under action select allow.

     

    Open the following link to get the more information:-

    http://service1.symantec.com/SUPPORT/ent-security.nsf/2326c6a13572aeb788257363002b62aa/9c561a4628b3c9a44925747f007b19cd?OpenDocument