cancel
Showing results for 
Search instead for 
Did you mean: 

Proxy - Block all sites and only allow specific sites for specific users.

Jump to solution

Good Morning,

So I have a list of users (20 plus) who need to be blocked from accessing the internet and only allow access to specific websites.

I have successfully created my filters by URL of approved websites. The issue I am having is defining the users to whom this will apply to.

I did create a user group in which the users are assgned in AD but cannot find a way to apply this in the rule for the proxy.

Any assistance would be appreciated.

Apologies in advance. I inherited several McAfee products and am doing my best to learn about them.

1 Solution

Accepted Solutions

Re: Proxy - Block all sites and only allow specific sites for specific users.

Jump to solution

The property you are looking for is Authentication.UserGroups.  You can use this to check what groups the users are once they are authenticated.

I would set it up as 'Authentication.UserGroups' 'contains' <value> or 'Authentication.UserGroups' 'at least on in list' <MWG list name>.

6 Replies
Reliable Contributor exbrit
Reliable Contributor
Report Inappropriate Content
Message 2 of 7

Re: Proxy - Block all sites and only allow specific sites for specific users.

Jump to solution

Hi, could you clarify by name the McAfee product you are using so I can redirect this into the actual software sub-forum?

Re: Proxy - Block all sites and only allow specific sites for specific users.

Jump to solution

Apologies for that. The product is for McAfee Web Gateway 7. Appreciate your assistance.

Reliable Contributor exbrit
Reliable Contributor
Report Inappropriate Content
Message 4 of 7

Re: Proxy - Block all sites and only allow specific sites for specific users.

Jump to solution

OK thanks.  Moved.

Re: Proxy - Block all sites and only allow specific sites for specific users.

Jump to solution

The property you are looking for is Authentication.UserGroups.  You can use this to check what groups the users are once they are authenticated.

I would set it up as 'Authentication.UserGroups' 'contains' <value> or 'Authentication.UserGroups' 'at least on in list' <MWG list name>.

Highlighted

Re: Proxy - Block all sites and only allow specific sites for specific users.

Jump to solution

I second Andy's response.

In addition to that, you may also use username in case you dont have AD groups configured,

Authentication.UserGroups = AD group

Authentication.Username = domain users

You could create a list for either of these two and apply it in your policy. Your rule must be,

Authentication.Usergroups at least one in list <MWG group list> AND <URL list> with a "Stop Rule Set" action.

then set a blocking rule below that.

Regards,

Philip

Re: Proxy - Block all sites and only allow specific sites for specific users.

Jump to solution

Appreciate the assistance Andy and Philipprey. Glad to know that I was atleast headed in the right direction. I just need to fix a couple of things and and the rule should be working as intended.

More McAfee Tools to Help You
  • Subscription Service Notification (SNS)
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • eSupport: Policy Orchestrator
  • Community Help Hub

      New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

    • Find Forum FAQs
    • Learn How to Earn Badges
    • Ask for Help
    Go to Community Help

    Join the Community

      Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

    • Get helpful solutions from McAfee experts.
    • Stay connected to product conversations that matter to you.
    • Participate in product groups led by McAfee employees.
    Join the Community
    Join the Community