cancel
Showing results for 
Search instead for 
Did you mean: 
john-gennaro
Level 7

How to block access to non-company sites for IE only.

Hello,

Still pretty new to MWG.   We are running version 7.2.0.5.   I have a new scenario our security dept. would like to test on certain machines for now, to be rolled out on a wider scale after it has been tested.     They would like to block access to non-company sites via IE but allow a list of allowed domains to be accessed, some internal and some external.   They would like to force users to use Chrome instead.

Additionally they would like to block all Java applets from untrusted domains or based on site categorization in the Proxy.    In this case it wouldn't matter what browser they are using.

Could someone give me a hand and give me some recommended steps to accomplishing these tasks?

Thank you in advance,

John Gennaro

Message was edited by: john-gennaro on 5/21/13 1:03:13 PM CDT
0 Kudos
7 Replies
exbrit
Level 21

Re: How to block access to non-company sites for IE only.

Moved from Community Help to Business > Web Gateway for better attention.

0 Kudos
john-gennaro
Level 7

Re: How to block access to non-company sites for IE only.

Thanks Peter

0 Kudos
McAfee Employee

Re: How to block access to non-company sites for IE only.

Hi John,

How are you deploying the Web Gateway? Direct proxy or transparent setup?

Reason I ask, only direct proxy would allow for MWG to see the User-Agent for SSL requests.

For more information on User-Agents check out this article:

https://community.mcafee.com/docs/DOC-4804

Best,

Jon

0 Kudos
john-gennaro
Level 7

Re: How to block access to non-company sites for IE only.

Hi Jon,

Direct Proxy.    Thanks for the article.   I think this will assist with the first question.   Any thoughts on the question of blocking all Java applets from untrusted domains?

Thank you in advance,

John

0 Kudos
alexn
Level 14

Re: How to block access to non-company sites for IE only.

https://community.mcafee.com/servlet/JiveServlet/showImage/38596/1.0.0_belongs_whitelist.png

In this image do u see URL filtering.I think this will hep you.

0 Kudos
McAfee Employee

Re: How to block access to non-company sites for IE only.

Hi John,

Here is a very abbreviated example, it can be expanded on much more:

You could do something like:

-Criteria:

(Header.Request.Get(User-Agent) matches *java* OR

URL.Extension matches *.jar OR

URL.Extension matches *.class) AND

URL.Host is not in list Trusted Java domains

-Action: Block

Best,

Jon

0 Kudos
john-gennaro
Level 7

Re: How to block access to non-company sites for IE only.

Jon,

Thank you for those suggestions, I will give them a try.

Best,

John

0 Kudos