Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 6 replies
  • Answers 1 answer
  • Subscribers 15 subscribers
  • Views 1754 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Block all web sites, allow a few URLs

Adrian Henderson

Hello,

We are trialing this endpoint system.  With our current platform I can set a deny all, but allow just Office 365 URL's to allow outlook/webmail only.  Is this possible?  I don't really see any options to set that up?



This thread was automatically locked due to age.
Parents
  • FormerMember
    0 FormerMember

    Hi Adrian,

    In general, the Endpoint Web Control is more meant to prevent access to specific websites with a default allow. You could achieve this goal, but it would be cumbersome.

    A better product for that sort of thing is the SFOS (Sophos Firewall) since it can sit at the demarc and can have more robust filtering options - such as acting as a web proxy. https://www.sophos.com/en-us/products/next-gen-firewall.aspx 

  • 0 in reply to FormerMember

    Thanks. This is a simple check box in Kaspersky endpoint.  We have an XG, but the procedures to do that is really involved,  with user sync and logins, enable SSL inspection.certificate etc. 

  • 0 in reply to Adrian Henderson

    You don't need to use all related XG features to do what you want, which I think lowers the complication factor a lot.

    All you need to do is have one Firewall rule to drop all HTTP/HTTPS traffic destined for the WAN, and above it place a rule that allows HTTP/HTTPS traffic but only to the websites you want to allow. Have these two rules early in the Firewalls Rules so that HTTP/HTTPS traffic is dropped before other rules that might allow it due to other factors.

    For the HTTP/HTTPS traffic that you allow, you should impost the appropriate CFS, IPS, and decryption conditions that make sense.

  • 0 in reply to Wayne Folta

    Thanks.  But it's not for everyone, just a few PC's so that does involve either restricting by the user log in or statically assigning/reserving an address etc.  Comparably, I just wish there was a feature that could handle it along with blocking ZIP/Archives in the allowed downloads options with ease.

  • FormerMember
    0 FormerMember in reply to Adrian Henderson

    we are currently updating our Web Control offering. I will talk to the PM and dev team and see if we can include something like this or if the new offering will have an easier way of configuring it.

Reply Children
  • 0 in reply to FormerMember

    Thanks Richard. If you have their ear, can they add an option to block/warn/allow archive files like zips etc?

    Also, I can't block downloads like exe's etc under the policy.  It still allows them like downloading a driver exe from HP downloads and opens and runs :/. The web filtering on the policy is kind of working, I get an SSL error for blocled pages, but not a nice error that this page was blocked, and maybe company logo.

Unfiltered HTML