cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted
ZanG
Level 7
Report Inappropriate Content
Message 1 of 5

Is it possible to block certain domains (for exampe .cn, .ru, etc.)

Jump to solution

Hi,

I am using Mcafee Web Gateway 8.1.1 and would like to block certain countries's domain extensions. For example I would like to block all China's domains (block .cn domain extention), but I don't know if that is even possible?

If it is, which rule do I have to use?

Thanks

2 Solutions

Accepted Solutions
Reliable Contributor marcus69
Reliable Contributor
Report Inappropriate Content
Message 3 of 5

Re: Is it possible to block certain domains (for exampe .cn, .ru, etc.)

Jump to solution

Hello  @ZanG 

of course it is possible.

 

Just add the following example to the top of your MWGs rule tree:

2019-06-05 08_48_16-MWG-Block-TLDs.jpg

... and the whole Chinese top level domain is blocked.
You may want to add a wildcardlist of TLDs if more of them are supposed to be prohibited by rule.

Best regards
    Marcus

McAfee Employee aloksard
McAfee Employee
Report Inappropriate Content
Message 4 of 5

Re: Is it possible to block certain domains (for exampe .cn, .ru, etc.)

Jump to solution

Hi,

You can make use of property URL.Geolocation and see if that helps to achieve your requirement.

CN-China

You can try creating a rule using below criteria :-

URL.Geolocation<CloudOnly> is in list GeoLocationCodes  and set action as Block.

 

In GeoLocation code List you can add CN.

 

Also attaching an Geolocation rule for reference and Geolocation code PDF.

 

Regards

Alok Sarda

4 Replies
Reliable Contributor marcus69
Reliable Contributor
Report Inappropriate Content
Message 2 of 5

Re: Is it possible to block certain domains (for exampe .cn, .ru, etc.)

Jump to solution

Hello @ZanG 

of course it is possible.

Just add a rule like this one on the top of your rule tree:

2019-06-05 08_48_16-MWG-Block-TLDs.jpg

 

 

... in order to block the whole top level domain .cn

You may want to add a wildcard list, if you need more TLDs to be prohibited.

 

Best regards
    Marcus

Tags (1)
Reliable Contributor marcus69
Reliable Contributor
Report Inappropriate Content
Message 3 of 5

Re: Is it possible to block certain domains (for exampe .cn, .ru, etc.)

Jump to solution

Hello  @ZanG 

of course it is possible.

 

Just add the following example to the top of your MWGs rule tree:

2019-06-05 08_48_16-MWG-Block-TLDs.jpg

... and the whole Chinese top level domain is blocked.
You may want to add a wildcardlist of TLDs if more of them are supposed to be prohibited by rule.

Best regards
    Marcus

McAfee Employee aloksard
McAfee Employee
Report Inappropriate Content
Message 4 of 5

Re: Is it possible to block certain domains (for exampe .cn, .ru, etc.)

Jump to solution

Hi,

You can make use of property URL.Geolocation and see if that helps to achieve your requirement.

CN-China

You can try creating a rule using below criteria :-

URL.Geolocation<CloudOnly> is in list GeoLocationCodes  and set action as Block.

 

In GeoLocation code List you can add CN.

 

Also attaching an Geolocation rule for reference and Geolocation code PDF.

 

Regards

Alok Sarda

ZanG
Level 7
Report Inappropriate Content
Message 5 of 5

Re: Is it possible to block certain domains (for exampe .cn, .ru, etc.)

Jump to solution

Thank you both for your anwsers. So far I've tried @marcus69's soluition and it works!

More McAfee Tools to Help You
  • Subscription Service Notification (SNS)
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • eSupport: Policy Orchestrator