Dell Sonicwall CFS

Posted on 2014-01-21
Last Modified: 2016-11-23
I have created policies for 3 different groups in my work

Admins, Managers and Users.

I ban most things for users however I am looking for a way to unblock a lot of the websites between lunch hours.

The only thing is I still need to ban websites like youtube etc from normal users to stop people using up all our bandwidth. Is there a way to have 1 set of sites banned at normal times and another group banned between lunch hours for my normal users?
Question by:CaptainGiblets
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3

Author Comment

ID: 39796372
To add to this question CFS is kind of confusing me a little.... I have enabled CFS on users and zones, with the default CFS blocking sites I want banned for normal users. I have enabled this in the zone LAN

I have 2 goups Managers and Users

Tom is in Users
Paul is in Managers

When I look at the users in summary I can see Tom has the CFS policy default applied and Paul has the CFS policy managers and default.

I have added the site to the forbidden domains on both managers and users, but for some reason tom is being banned but paul isn't....
LVL 25

Expert Comment

by:Diverse IT
ID: 39796382
Hi CaptainGiblets,

How are you planning on applying the policies to each group, e.g. (IP range, SSO, authentication, Zone, Rules, etc.)?

Author Comment

ID: 39796383
At the moment I am trying to apply them by SSO. I also have it enabled on the Zone but that obviously only lets me pick 1 policy per zone.
Visualize your virtual and backup environments

Create well-organized and polished visualizations of your virtual and backup environments when planning VMware vSphere, Microsoft Hyper-V or Veeam deployments. It helps you to gain better visibility and valuable business insights.

LVL 25

Accepted Solution

Diverse IT earned 500 total points
ID: 39796505
Correct, Zones only allow one policy at a time. If you are using SSO, then you can apply them to each group.
LVL 25

Expert Comment

by:Diverse IT
ID: 39811084
Do you have any other questions?

Author Comment

ID: 39812442
I haven't closed it off just yet as I am testing.

I have set the groups up the way I want them with Users, Managers and Admins.

The Default group bans everything and seems to work if they cant authenticate via SSO or they aren't in one of the groups.

I have also had some problems creating a lunch time rule, which I allow between 12:30 - 2:30 and allows access to more sites. This is working but sometimes the other rules such as users or managers are taking over and blocking the sites but 5 minutes later they wont be.

Trying to figure out exactly how the rules work, the way I think it works is that if they are a member of 5 CFS's and even one of them rules allow it, then it allows them access otherwise it will block it. However these odd blocks sometimes make it seem a bit random.
LVL 25

Expert Comment

by:Diverse IT
ID: 39830267
Glad I could help and thanks for the points!

Featured Post

Secure Your WordPress Site: 5 Essential Approaches

WordPress is the web's most popular CMS, but its dominance also makes it a target for attackers. Our eBook will show you how to:

Prevent costly exploits of core and plugin vulnerabilities
Repel automated attacks
Lock down your dashboard, secure your code, and protect your users

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article describes my battle tested process for setting up delegation. I use this process anywhere that I need to setup delegation. In the article I will show how it applies to Active Directory
This article demonstrates probably the easiest way to configure domain-wide tier isolation within Active Directory. If you do not know tier isolation read…
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.

710 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question