cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Highlighted

URL Blocking via HIP8

Jump to solution

Hello is there any way how to block specific URL ?

Tried DNS Blocking = not working for me.

Tried specific Rule in FW to block all traffic for remote IP ( IP of website ) + FQDN ( entered what nslookup found )

My assumption is that this is result of proxy settings on our environment that this is being routed via our proxy server thus resulting in different IP being used, however my impression was that HIP should be resolving the IP locally so blocking this even before it wil reach proxy .

P.S. I've tried my rules on top level of fw rules.

Have anyone ever luck to block access to website like this ? Or this is not possible ?

1 Solution

Accepted Solutions
Highlighted
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 3 of 4

Re: URL Blocking via HIP8

Jump to solution

Hello is there any way how to block specific URL ?

Not within HIPS; try the SiteAdvisor product.

Tried DNS Blocking = not working for me.

Tried specific Rule in FW to block all traffic for remote IP ( IP of website ) + FQDN ( entered what nslookup found )

My assumption is that this is result of proxy settings on our environment that this is being routed via our proxy server thus resulting in different IP being used, however my impression was that HIP should be resolving the IP locally so blocking this even before it wil reach proxy .

DNS Blocking, as well as FQDN blocking and TrustedSource, work when the local client is performing the DNS lookups.  In a proxy situation, where your Internet browser is set to a Proxy/PAC server, the local client is typically NOT doing the DNS lookup.  The browser request is handed off directly to the Proxy server, which does the DNS lookup.  I usually test with Telnet to force a local DNS lookup and connect out to verify if these features (DNS blocking, FQDN firewall rules, and TrustedSource) would block traffic properly.

View solution in original post

3 Replies
Highlighted
Level 7
Report Inappropriate Content
Message 2 of 4

Re: URL Blocking via HIP8

Jump to solution

Hi

Correct, think about what the client gets when connected to a Proxy. HIPS cannot know more than the client provides, so when using any FQDN / DNS you can check against certain IP Adresses but when the Proxy does only provide his own it does not match. If you use a name HIPS need to let the System make a DNS resolve.

HIPS is not a URL filter.

best regards

Highlighted
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 3 of 4

Re: URL Blocking via HIP8

Jump to solution

Hello is there any way how to block specific URL ?

Not within HIPS; try the SiteAdvisor product.

Tried DNS Blocking = not working for me.

Tried specific Rule in FW to block all traffic for remote IP ( IP of website ) + FQDN ( entered what nslookup found )

My assumption is that this is result of proxy settings on our environment that this is being routed via our proxy server thus resulting in different IP being used, however my impression was that HIP should be resolving the IP locally so blocking this even before it wil reach proxy .

DNS Blocking, as well as FQDN blocking and TrustedSource, work when the local client is performing the DNS lookups.  In a proxy situation, where your Internet browser is set to a Proxy/PAC server, the local client is typically NOT doing the DNS lookup.  The browser request is handed off directly to the Proxy server, which does the DNS lookup.  I usually test with Telnet to force a local DNS lookup and connect out to verify if these features (DNS blocking, FQDN firewall rules, and TrustedSource) would block traffic properly.

View solution in original post

Highlighted

Re: URL Blocking via HIP8

Jump to solution

Thanks a lot I was hoping to get such response :] Actually just starting with SiteAdvisor but the problem is Browser supportability, so just waiting for new hotfix for latest IE and FF.

You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community