3 Replies Latest reply on Jul 23, 2012 9:22 AM by eelsasser

    Block twitter for certain groups

    rajjesh

      As per the mcafee trustedsource database, twitter .com as categorized under blogs/wiki and social networking. But in our organization, access to blogs/wiki is allowed to all the users, while the social networking access is granted for few groups.

       

      however due to this dual categorization, twitter.com is accessible by  all the users, where actually we just wanted a group of users be able to access it.

       

      plz provide a solution, so that the desired result is obtained.

       

      Thanks & Regards

       

      Rajjesh 

        • 1. Re: Block twitter for certain groups

          It all ahas to do with the logic of your rule sets.

          You probably have a rule for some allowed categories and another rule for some blocked categories. this is not logical way to manage it.

           

           

          Your best method is to block undesired categories at the bottom and have exceptions for groups above them to skip around the block.

          In this example below, Social Networking and WebMail are in the list URL Filter: Blocked Categories

           

          In the rules above there is a list of users or AD groups that will allow webmail and social networking if they are in the list. They perform a stop Rule Set that jumps around the block and allows it for only the people in the User list or the Group list.

           

          Exempt categories are there to override the sites in a dual categoriy scenario. For example if a site is in Education and Sexual material, normally it would be blocked on the Sexual material category. But if Education is in the Exempt list, the site would be allowed if you wanted something like Sex Education.

           

           

          URL Filter
          Enabled
          Applies to Requests: True / Responses: False / Embedded Objects: False
          Always
          EnabledRuleActionEventsComments
          EnabledURL Filter: Allowed URLs
          1: URL matches in list URL Filter: Allowed URLs°
          Stop Rule Set
          EnabledURL Filter: Blocked URLs
          1: URL matches in list URL Filter: Blocked URLs°
          Block<URL Blocked>Statistics.Counter.Increment("BlockedByURLFilter",1)<Default>
          EnabledSafeSearchEnforcer
          Always
          ContinueEnable SafeSearch Enforcer<Strict>
          EnabledGTI Reputation: Block MediumRisk and HighRisk
          1: URL.IsHighRisk<Default> equals true
          2: OR URL.IsMediumRisk<Default> equals true
          Block<Bad Reputation>Statistics.Counter.Increment("BlockedByURLFilter",1)<Default>Blocks urls with bad reputation.
          EnabledSocial Networking: Allowed Users or Social Networking: Allowed Groups
          1: URL.Categories<Default> contains Social Networking
          2: AND (Authentication.UserGroups at least one in list Social Networking: Allowed Groups
          3: OR Authentication.UserName is in list Social Networking: Allowed Users°)
          Stop Rule Set
          EnabledWebMail: Allowed Users or Webmail: Allowed Groups
          1: URL.Categories<Default> contains Web Mail
          2: AND (Authentication.UserName is in list WebMail: Allowed Users°
          3: OR Authentication.UserGroups at least one in list WebMail: Allowed Groups)
          Stop Rule Set
          EnabledURL Filter: Exempt Categories
          1: URL.Categories<Default> at least one in list URL Filter: Exempt Categories
          Stop Rule SetCategories that override a block if site is in both.
          EnabledURL Filter: Blocked Categories
          1: URL.Categories<Default> at least one in list URL Filter: Blocked Categories
          Block<URL Blocked>Statistics.Counter.Increment("BlockedByURLFilter",1)<Default>
          DisabledUncategorized: Block URLs
          1: List.OfCategory.IsEmpty(URL.Categories<Default>) equals true
          Block<URL Blocked>Statistics.Counter.Increment("BlockedByURLFilter",1)<Default>This rule blocks all URLs that are uncategorized by the GTI web database.
          1 of 1 people found this helpful
          • 2. Re: Block twitter for certain groups
            rajjesh
            Hello eelsasser,

             

            Thanks for ur post.

             

            I tried creating a new rule for the said issue. which contains url.host matches twitter.com and authentication.usergroup for authenticating the user. i have attched a copy of same here.

             

            i placed the rule above blocked sites ruleset and then added twiiter.com to blocked sites, however the site is getting blocked even to those groups whom  i have added to exclude in the newly created rule. the site is blocked  under blocked sites list. can u please suggest within the ruleset that why its not working

            • 3. Re: Block twitter for certain groups

              The rule you have looks ok, but the single rule that you have shown does not indicate how it is positioned with the rest of the rules.

               

              The Stop Rule Set action breaks out of a rule set and continues with the next rule rule set. Your block for twitter is probably contained in an entire rule set below this one and this rule will have no effect.

              It is intended to be used in a sequence of rules where there is a block below it in the same rule set, like the example above.