Hey guys...so I have a request - Users in my company who are not up to speed on corporate training will be added to the "corp\DelinquentUsers" AD group. I need to make sure that these guys are only allowed to go to 5 websites while they are part of this group.
Currently HTTP access is anything unless its matched in our URL blocking profile (Gambling, drugs, pr0n, religion, etc). If you did NOT match the Delinquent Users AD group, then you would fall through to this rule.
Im a little unclear on how to set up the URL filtering profile. Can I just put a * in the blocked sites dialog and then the 5 sites we allow in the allowed sites?
Putting an "*" in the BLOCK-list will not help you to allow those 5 websites.
The order of precedence taken:
Hence,i would request you to configure a new URL filtering profile for "corp\DelinquentUsers" AD group as mentioned below:
Add this profile in your security policy for user group corp\DelinquentUsers.
Hope this helps.
This is actually really simple:
1. Create a "Custom URL Category" called "DelinquentUsersAllow" or whatever else you wish to name it.
2. Add the 5 URLs to this category
3. Create a new URL Profile called "DelinquentUsersAllow" or whatever else you wish to name it.
4. Set all URL categories in this new URL profile to "block" except for this new category being set to "alert"
5. Create a new rule in security policy which uses the AD group you wish as the source user, and also using this new URL profile.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!
The Live Community thanks you for your participation!