Content translations are temporarily unavailable due to site maintenance. We apologize for any inconvenience. Visit our blog to learn more.
10-15-2010 01:14 AM
We have a setup where we restrict users access to personal and social sites like twitter and facebook to lunchtimes and out of hours, which is working fine using a schedule.
We however have a select group of users who require full time access to facebook and twitter for the Council pages/accounts (only those sites).
I have tried setting up a rule to allow the Active directory group access to the facebook and twitter applications, but it does not work, it needs web browsing, but then allows that group anywhere.
How can I allow a group of users just to access facebook and twitter in addition to their normal access. Would URL filtering be best ?
Thanks
Lee Hancock
10-18-2010 02:34 PM
You will want to create a rule that allows "source users = Your_group", App = facebook, twitter, whatever" and apply a schedule.
Create 2 or more rules with "App = Web Browsing, SSL". Each one of these web browsing rules can have a different "Source user = ??" and a different URL filtering policy. You can also apply schedules to to each of the web browsing rules. You should not need URL filters for Facebook or Youtube. And your Facebook and Youtube policues do not require web-brosing.
Steve Krall
10-18-2010 02:34 PM
You will want to create a rule that allows "source users = Your_group", App = facebook, twitter, whatever" and apply a schedule.
Create 2 or more rules with "App = Web Browsing, SSL". Each one of these web browsing rules can have a different "Source user = ??" and a different URL filtering policy. You can also apply schedules to to each of the web browsing rules. You should not need URL filters for Facebook or Youtube. And your Facebook and Youtube policues do not require web-brosing.
Steve Krall
10-21-2010 06:12 AM
Hi Steve,
I've looked at the rules again, and based on your reply, got it straight in my head.
Thanks very much for your help.
Lee Hancock
05-17-2011 11:56 AM
I have a PA-500
I have created a "FaceBookers" AD group that contains users allowed to use facebook.
I have also created a policy:
fromTrust to Untrust, Any source, FaceBookers, any destination, SocialNetworking application (64 results incl facebook, myspace,...), any service, Allow, none 24hrs Daily sched.
1) Why are users who are not a part of FaceBookers group still able to access the site?
2) This is all due to the fact we have OS 10.5 Mac's onsite that we need to restrict Facebook access to. Since they do not log into the domain, we cannot restrict via username alone. Any suggestions there?
- Trevor
05-18-2011 10:27 AM
Nevermind, I forgot the Deny all others rule after my allow one. works like a charm (except for Mac client exceptions)
01-27-2012 01:17 PM
You can allow the specific sites for twitter.com and facebook.com in your policies. This will allow you to control them via Apps without needing to open up everything else.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
