ThatGuy24 0 Posted March 12, 2019 Posted March 12, 2019 Hi all I am trying to implement web filtering for our company, with various levels of filtering across different departments. We use Office 365, Teams and SharePoint Online for the majority of our business content. Ideally we would like to only have a whitelist and block all other traffic. What is the best way to go about this: URL Address management, or Web Control, can these work in tandem? From my testing it seems that Web Control does not allow for wild card usage-is this correct? Ive noticed that if you allow say facebook.com, the site will load, but since it pulls content from other URLs, those other URLs also need to be whitelisted, or the page doesn't render properly. Is there a way to whitelist the main URL and for the page to render properly? We are having issues with ips, and ports other than 80/443 for systems such as printers, VoIP systems, and RDP. Is there a way to only block web traffic and allow other traffic? Thanks for taking the time to read, and hopefully someone can help me come right!!
Administrators Marcos 5,451 Posted March 12, 2019 Administrators Posted March 12, 2019 1, URL address management allows for black/whitelisting urls. Wildcards are supported. The primary role of Web Control is to filter URLs by category. To create an exception for a particular URL blocked by a category, you'll need to do it via a Web Control rule. Web Control doesn't support wildcards. 2, You can whitelist the main URL, however, in order to allow access to all other URLs it loads you'd need to do it for each URL manually. 3, Web access protection scans HTTP(S) on default ports 80, 8080 and 443. The HTTPS scanner filters only SSL communication of browsers. I don't think that RDP or printers communicate via HTTP on port 80. ThatGuy24 1
ThatGuy24 0 Posted March 12, 2019 Author Posted March 12, 2019 2 minutes ago, Marcos said: 1, URL address management allows for black/whitelisting urls. Wildcards are supported. The primary role of Web Control is to filter URLs by category. To create an exception for a particular URL blocked by a category, you'll need to do it via a Web Control rule. Web Control doesn't support wildcards. 2, You can whitelist the main URL, however, in order to allow access to all other URLs it loads you'd need to do it for each URL manually. 3, Web access protection scans HTTP(S) on default ports 80, 8080 and 443. The HTTPS scanner filters only SSL communication of browsers. I don't think that RDP or printers communicate via HTTP on port 80. Hi Marcos Thanks for the reply, much appreciated. If i use URL address management, i should not have to worry about whitelisting local ips? When testing with web control, i had to whitelist the pbx ip for the Avaya system to work. Is URL address management different? Thanks
Talmaf 0 Posted April 29, 2019 Posted April 29, 2019 i also wanted to know whether its possible to set a policy on ESET Endpoint security that allow users to access a certain website at specific times of the day i.e users to access say facebook from 1pm-2pm on specified day.
Administrators Marcos 5,451 Posted April 29, 2019 Administrators Posted April 29, 2019 6 hours ago, Talmaf said: i also wanted to know whether its possible to set a policy on ESET Endpoint security that allow users to access a certain website at specific times of the day i.e users to access say facebook from 1pm-2pm on specified day. Answered here: https://forum.eset.com/topic/19391-web-control/
Recommended Posts