10-03-2011 09:14 AM
Hello
I have created a custom URL filter, however not all of the Netflix feeds are blocked. This only seems to be happenig on Apple products
Ironport infor:
Product: IronPort S160 Web Security Appliance
Model Number: S160
Version: 7.1.2-080
Serial Number: 00219BFB0375-D6BZJH1
Number of CPUs: 1
Memory (GB): 4
Current Time: Mon Oct 3 11:05:53 2011
Feature "L4 Traffic Monitor": Quantity = 1, Time Remaining = "Perpetual"
Feature "HTTPS": Quantity = 1, Time Remaining = "Perpetual"
Feature "URL Filtering": Quantity = 750, Time Remaining = "471 days"
Feature "Web Proxy & DVS Engine": Quantity = 1, Time Remaining = "Perpetual"
Please advise
thanks
10-03-2011 10:25 AM
Steve,
My guess is that the Apple products aren't being forced to authenticate, and unauthenticated users are allowed out...
I'd set your "Global Policy" to block Netflix (Web Security Manager>Access Policies... the bottom one). If you need some people to be able to hit netflix, you can set that in a policy ABOVE the global policy (WSA policies work top down, left to right...)
SSH to the box, run grep, use the ip of an Apple box as the search and tail the log. Then have the Apple box hit Netflix. You'll see what the WSA thinks is going on...
Ken
10-12-2011 02:10 PM
The best thing to do in this case is to create a new Identity for Apple users only. That way you can segragate what traffic is allowed where. To do this, use the below instructions.
1- Create a new Identity and name it Macintosh
a- Set the "Define Members by Protocol" to "All"
b- Set "Define Members by Authentication" to "No Authentication"
c- Select the "Advanced" hyperlink to open the "Advanced" options and click on "User Agents"
i- Enter each User Agent that I have listed so that Ironport can identify Apple devices and apply this Identity
macintosh, Macintosh, iPhone, iPad, iPod, iTunes, MacBook
ii- Set "Match User Agents" to "Match the selected user agent definitions
iii- Select the "Done" button
d- Select the "Submit" button
2- Create a new Access Policy and name it Macintosh
e- Set the "Identities and Users" feild to "Select One or More Identities" and than select the "Macintosh" Identity that you just created
f- Select the "Submit" button
3- Create a "Custom URL Category" and name it Macintosh
g- Add the URL's that you wish to be blocked in the URL field
iv- Be sure to include a "." before the url
- Use this example as a reference - .yoururlhere.com
- The "." acts as a .* in this case saying that include anything before
h- Select the "Submit" button
4- Go back to Access Policies and click on the "URL Filtering" hyperlink for the Macintosh Access Policy
i- Select the "Select Custom Categories" button
j- From the drop down for the Macintosh Custom URL Category, select the "Include" option
k- Select teh "Apply" button
l- Put a checkmark in the "Block" box that corresponds with the Category that you just added.
m- Select the "Submit" button
5- Click the "Commit" Changes button to make the new policies active
Let me know if you have any questions.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide