cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted

Whitelist a specfic URL for one group in Web Gateway Cloud Service (Cloud Only)

I've been working with McAfee support for a few weeks on this and they just can't seem to come up with a solution nor do they seem familiar enough with the product to properly assist me. I'm trying to whitelist one particular site (youtube.com) for one group of users. I have the streaming category blocked by default but allow the whole category for my allow group. I want to give another group access to youtube.com but have all other URLs categorized as streaming blocked. Doesn't seem like a crazy request but it seems impossible to configure in the ePO cloud service. Any help would be appreciated. Thank you.

7 Replies
Highlighted
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 2 of 8

Re: Whitelist a specfic URL for one group in Web Gateway Cloud Service (Cloud Only)

Hi GCochran,

This is something I want as well!

At the moment for the Cloud Only UI cannot support exactly what you're describing (URL based exceptions for groups). The URL exceptions apply to the protection area (i.e. Web Category Filter).

Something that may work would be to allow the category for the group (under Web Category Filter), then allow the Youtube Application for the group (under Access Protection). Using the application based approach also eliminates the need for you having to maintain a list of URLs for Youtube.

I also forwarded this thread to our UX team. The ePO Cloud "Feedback" option actually goes directly to them. If you find any other gaps in policy creation, please do feel free to use the Feedback option as well.

Best Regards,

Jon

Highlighted
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 3 of 8

Re: Whitelist a specfic URL for one group in Web Gateway Cloud Service (Cloud Only)

I spoke a little too soon, this (group based url whitelists) is currently apart of the policy in the beta environment -- so this should going live pretty soon.

Highlighted

Re: Whitelist a specfic URL for one group in Web Gateway Cloud Service (Cloud Only)

Thanks Jon for your responses. Any idea when this system in the beta environment will be going live?

Highlighted
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 5 of 8

Re: Whitelist a specfic URL for one group in Web Gateway Cloud Service (Cloud Only)

It was added over the weekend.

Highlighted

Re: Whitelist a specfic URL for one group in Web Gateway Cloud Service (Cloud Only)

I can now see you can now block certain groups and that "allow" is the catch all and primary action (previously when you created a new rule using a URL list, you could not block a certain group). However, this does not solve my problem, it's close but not what I'm looking for. I'm looking to have the rule default to block and only allow certain groups, not the other way around. For other rules, you can move the "Block" action to the bottom to make it the catch all (primary) and then force it to allow only for the groups you specify. However, when you create a new rule using URL Lists, the "Move Down" and "Move Up" action is greyed out (see screenshot) and I cannot change the primary action of the rule I would like to create. You can change the primary action of the rule if you create a new rule using "Web Categories" as the "Move Up" and "Move Down" action are not greyed out.

Rules_details_action-URL_Lists.jpg

Highlighted

Re: Whitelist a specfic URL for one group in Web Gateway Cloud Service (Cloud Only)

I have the same problem.

I dont understand if is possible or not now in the 2019?

Highlighted

Re: Whitelist a specfic URL for one group in Web Gateway Cloud Service (Cloud Only)

I try to set the rules in the Access Protection as indicated in the manual:

Create a rule using exceptions

You can provide or deny certain access to the user groups by creating a rule using exceptions to specify user

groups.

Assume that you are creating a rule to deny executive user group access to social networking sites.

Task

1 From the McAfee ePO Cloud menu, select Policy | Web Policy.

2 Create a rule in the Access Protection feature area.

a

From Policy Browser, click of the feature policy.

b Select New Rule.

3 Assign the required rule type.

a From the Catalog pane, select Web Applications from the drop-down list.

b From the Catalog pane, click to the right of Social Networking.

In the Rule Details pane, you see that the rule name is now Social Networking.

4 Assign the required user groups.

a In the Rule Details pane, click located next to the Block option, to display the list of User Groups.

b In the Catalog pane, click to the right of Executives.

You can add one or more user groups to an action.

5 In the Rule Details pane, click Save.

 

I have the same config, but with WEB MAIL.

 

BUT if i set this rules in access protection, the rules match only with the WEB MAIL LIST. But this works only for the link in this list.

If i try to open gmail.com it's blocked because is in the list, but if i try five "regional" web mail are not blocked.

If i create a rules in the WEB CATEGORY FILTER all web mail are blocked. BUT here i cant create different rules for different group with different category to block.

You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community