Hello,
we started to use MWG 7. Now we have the question whether the following scenario is possible:
At the moment the category "Personal Network Storage" is blocked. So nobody can download or upload data to the sites behind this category.
Is it possible to allow the download from sites of the category and forbid the upload to such sites?
Thanks and Regards
Hi mgarten!
Yes, this is possible.
I have not tested it, but you can just add an additional condition to your block rule. Now it will look like this:
Criteria:
URL.Categories contains "Personal Network Storage"
AND
(Command.Name equals "POST"
OR
Command.Name equals "PUT")
Action:
Block
You may do some research on which HTTP methods need to be handled.
Ciao
Felix
Does anyone have any more input on whether this will work or not?
It does work. I use a rule like this to make anything that is in the File Sharing application control to be read only.
Category: File Sharing
Enabled
Applies to Requests: True / Responses: False / Embedded Objects: False
1: Application.Name is in list File Sharing
The Read Only: Exceptions list has these entries to allow posting of logon and logoff information:
ReadOnly: Exceptions

| # | Wildcard Expression | Comment |
|---|---|---|
| 1 | `*login*` | Generic logon URL |
| 2 | `*logon*` | Generic logon URL |
| 3 | `*logout*` | Generic logout URL |
| 4 | `*logoff*` | Generic logout URL |
| 5 | `*auth*` | Generic authenticate URL |
| 6 | `*browse*` | Generic Search function |
Could you post this in an XML format so I can import it and review it on my system? Curious why you use file sharing and not personal network storage. Thx
I use the application control name instead of the category simply because that's how my rules are setup.
"A nod's as good as a wink to a blind bat"
Thanks for the good idea. I had only login and logout for readonly exceptions. And the Statistic Counter is fine too.
I have another question about your rule set. Do you have an extra block message for application control?
At the moment I use the same one as for URL blocked with site review.
I have a highly customized set of block pages and one specifically for Application Control.
You can create a new template for AppControl specifically and copy the HTML in from another page, or just set the action on your to an existing page, like Block<URL Filter>
Hello,
I just implemented the solution provided by eelsasser and it works. Thanks
But I have some questions.
1) Where can I see the statistic counter? Not in the dashboard?
2) It seems that it doesn't work for www.icloud.com. In our case the login to it is not working. Does anyone have a solution for that?
The counter should be the Application Control Counter on the Executive summary and the App Control statistics on the dashboard.
Can't really tell about iCloud. I don't have an Apple device to set up the account with, but it appears that you may have to put another exception into the logon.
From what I can tell from my access denied logs, the logon also POSTs to:
https://setup.icloud.com/setup/ws/1/validate
Try adding that to the exceptions list.
Check your access_denied log for what's blocked.
I also have a POST log I use for debugging this that records each POST in a separate log. It's very useful for this purpose:
Debug: POST.log
1: Command.Name equals "POST"
Continue
Set User-Defined.logLine = DateTime.ToWebReporterString
+ " "" + String.ReplaceIfEquals(Authentication.UserName,"","-")
+ "" " + String.ReplaceIfEquals(IP.ToString(Client.IP),"","-")
+ " " + String.ReplaceIfEquals(IP.ToString(URL.Destination.IP),"","-")
+ " " + String.ReplaceIfEquals(Number.ToString(Response.StatusCode),"","-")
+ " "" + String.ReplaceIfEquals(MediaType.ToString(MediaType.FromHeader),"","-")
+ "" "" + String.ReplaceIfEquals(List.OfCategory.ToString(URL.Categories<MostRecent>),"","-")
+ "" "" + String.ReplaceIfEquals(Application.ToString(Application.Name),"","-")
+ "" "" + Request.Header.FirstLine
+ """
FileSystemLogging.WriteLogEntry(User-Defined.logLine)<POST.log>
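
Added example, not part of any post in this thread and not MWG's own rule engine: a small Python model of the read-only policy discussed above (block POST/PUT to the category unless the URL matches the ReadOnly: Exceptions list), useful for checking which logged requests the exceptions would admit. The function names, the `storage.example` host and the sample requests are constructed, and glob-style, case-sensitive wildcard matching is an assumption.

```python
from fnmatch import fnmatchcase

# Wildcards from the thread's "ReadOnly: Exceptions" list.
READONLY_EXCEPTIONS = ["*login*", "*logon*", "*logout*", "*logoff*",
                       "*auth*", "*browse*"]
WRITE_METHODS = {"POST", "PUT"}  # the two methods named in the thread


def matching_exception(url, exceptions=READONLY_EXCEPTIONS):
    """Return the first wildcard that matches the URL, or None.
    Assumption: glob semantics, case-sensitive."""
    for pattern in exceptions:
        if fnmatchcase(url, pattern):
            return pattern
    return None


def decide(method, url, in_category, exceptions=READONLY_EXCEPTIONS):
    """Model of the rule: returns (action, reason)."""
    if not in_category:
        return ("allow", "not in the read-only category")
    if method.upper() not in WRITE_METHODS:
        return ("allow", "read method")
    hit = matching_exception(url, exceptions)
    if hit is not None:
        return ("allow", "exception " + hit)
    return ("block", "write method, no exception")


# Constructed sample requests (storage.example is a placeholder host);
# the iCloud URL is the one quoted in the thread.
SAMPLES = [
    ("GET", "https://storage.example/files/report.pdf"),
    ("POST", "https://storage.example/login"),
    ("PUT", "https://storage.example/files/report.pdf"),
    ("POST", "https://setup.icloud.com/setup/ws/1/validate"),
    # Substring match: "authors" contains "auth", so this write is admitted.
    ("POST", "https://storage.example/api/authors/42/files"),
]


def review(samples=SAMPLES, exceptions=READONLY_EXCEPTIONS):
    """Evaluate every sample as if it were in the read-only category."""
    return [(m, u) + decide(m, u, True, exceptions) for m, u in samples]


if __name__ == "__main__":
    for method, url, action, reason in review():
        print(f"{action:5} {method:4} {url}  ({reason})")
```

The iCloud validate URL matches none of the six wildcards, which is consistent with the failed login reported above, while `*auth*` also admits any write whose URL merely contains that substring, so exceptions are worth reviewing against the POST log.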