Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Need SonicWALL Content Filtering Assistance

Posted on 2013-02-05
7
Medium Priority
?
523 Views
Last Modified: 2013-06-19
I have a new NSA 2400 and have limited experience with the OS. I have two groups of users I'd like to configure content filtering (CFS) for. Group A will have limited access to the Internet. Group B will have access to some sites that are blocked for Group A users.

I have created two policies and assigned local groups (imported via LDAP from Active Directory) to each policy. I'm unclear on what to do next. Do I have to create a new zone for my LAN interface for the second policy?

Thx.
0
Comment
Question by:vsCoder
  • 4
  • 3
7 Comments
 
LVL 13

Accepted Solution

by:
Ugo Mena earned 2000 total points
ID: 38855771
Yes, in order to apply the CFS policies via User and Zone you will need to create a new LAN zone for the second policy.

You can also apply CFS policies via App Rules. Which also requires you to create address objects for each group that you want a different CFS policy to apply to. However, this method does not require a new zone and is much more flexible for applying different policies.
0
 
LVL 1

Author Comment

by:vsCoder
ID: 38856171
Thank you, ultralites.

I have a couple of follow-up questions.

1. If I have two LAN zones with different CFS policies what happens if a person is in two Local Groups (via LDAP from Active Directory) with two separate CFS policies assigned? Is it cumulative access? Or does a blocked site in one policy override a setting in the other policy?

2. I like the App Rules option. I'm not clear on what address object I'd need to create in this scenario.
0
 
LVL 13

Expert Comment

by:Ugo Mena
ID: 38856352
1. I believe it will apply the most restrictive (cumulative) settings to a user in both Groups.

2. Sorry meant to say Application/Match Object for App Rules. App rules need a Match Object to define what/where to look for and an Action Object to define what to do when it is found. App rules allow for very specific scenarios and can let you determine what happens (i.e. with a user in 2 groups) using Address exclusions.
0
New Tabletop Appliances Blow Competitors Away!

WatchGuard’s new T15, T35 and T55 tabletop UTMs provide the highest-performing security inspection in their class, allowing users at small offices, home offices and distributed enterprises to experience blazing-fast Internet speeds without sacrificing enterprise-grade security.

 
LVL 13

Expert Comment

by:Ugo Mena
ID: 38856371
Here is a link to SonicWall forums KB article:
https://www.fuzeqna.com/sonicwallkb/consumer/kbdetail.asp?kbid=7002
0
 
LVL 1

Author Comment

by:vsCoder
ID: 38856516
I did refer to that KB article previously. Not sure why it did not work - using LDAP.

I did just create a new App Rule and Match Object to block the site. Now I'd like to open it up for a small group of users. I tried using the Exception field for this, but no luck.

Thanks.
0
 
LVL 13

Expert Comment

by:Ugo Mena
ID: 38856562
you will need to define those users within a new Address Object. If you are relying on AD logins, you may need to define this group using MAC addresses.
0
 
LVL 1

Author Closing Comment

by:vsCoder
ID: 39260480
Thank you.
0

Featured Post

Fill in the form and get your FREE NFR key NOW!

Veeam is happy to provide a FREE NFR server license to certified engineers, trainers, and bloggers.  It allows for the non‑production use of Veeam Agent for Microsoft Windows. This license is valid for five workstations and two servers.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Will you be ready when the clock on GDPR compliance runs out? Is GDPR even something you need to worry about? Find out more about the upcoming regulation changes and download our comprehensive GDPR checklist today !
A new hacking trick has emerged leveraging your own helpdesk or support ticketing tools as an easy way to distribute malware.
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…
Suggested Courses

926 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question