- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-12-2023 12:52 AM
Hi all,
My organisation needs to create an DNS policy where all the domains (except porn or terrioism) will be allowed and in Web Policy restriction will be configured like below example
IN DNS POLICY (Allowed domains)
Cisco.com, facebook.com, google.com will be allowed
IN WEB POLICY (blocked urls)
cisco.com/login, facebook.com/chat, google.com/mail will be blocked.
Please help me will it work as per stated above or anything else needs to do to achieve the requirement
Solved! Go to Solution.
- Labels:
-
Umbrella
-
Web Security
Accepted Solutions
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-12-2023 02:07 AM
Requirements:
- DNS policy:
- - Content categories to block: Pornography, Terrorism
- - Allow list: cisco.com, facebook.com, google.com
- WEB policy:
- - Destination list (to block): cisco.com/login, facebook.com/chat, google.com/mail
Results:
(Testing using a W10 with AC)
Test 1: Porn category: http://www.exampleadultsite.com – blocked:
Test 2: cisco.com – allowed:
Test 3: cisco.com/login – blocked:
Test 4: google.com/mail – blocked:
Test 5: google.com – allowed:
It works and achieves the requirements.
Note: HTTPS Inspection needs to be enabled on the Web Policy.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-12-2023 02:07 AM
Requirements:
- DNS policy:
- - Content categories to block: Pornography, Terrorism
- - Allow list: cisco.com, facebook.com, google.com
- WEB policy:
- - Destination list (to block): cisco.com/login, facebook.com/chat, google.com/mail
Results:
(Testing using a W10 with AC)
Test 1: Porn category: http://www.exampleadultsite.com – blocked:
Test 2: cisco.com – allowed:
Test 3: cisco.com/login – blocked:
Test 4: google.com/mail – blocked:
Test 5: google.com – allowed:
It works and achieves the requirements.
Note: HTTPS Inspection needs to be enabled on the Web Policy.
