SonicWALL: How to block everything except allowed domains CFS 4.0

Telephony SonicWall
1

https://www.sonicwall.com/en-us/support/knowledge-base/170915092649890

How to block everything except allowed domains CFS 4.0

Last Updated: 5/11/2018 2735 Views 43 Users found this article helpful

Description

How to block everything except allowed domains CFS 4.0.

Resolution

Steps to Block Everything except allowed domains

  1. Create a URI list object with all the allowed domains

  2. Create a CFS Profile Object

  3. Create a Policy to apply the filtering on to specific group or edit the existing default policy.

Navigate to Manage | objects | content Filter Objects | URI list Objects | URI list and add the domain’s by clicking ADD. If you already have a URI list on other SonicWall you can import them from IMPORT ans EXPORT options

Image
Image1179×729 115 KB

Navigate to Manage | objects | content Filter Objects | CFS Profile Objects

  • Name the profile
  • choose the Allowed Domains URI list that was created for Allowed URI list
  • set the operation to block and make sure all the the categories are set to block or hit SET TO ALL and click OK

Image

Navigate to Manage | Security Services | Content Filter and click ADD under CFS policies

  • Name the Policy
  • Choose the source and destination zones as necessary(Here we are restricting to internet so LAN to WAN)
  • Choose the User group. If the restriction is only for specific group group them all using address objects and address groups. Or if it is hard to add all the random IPs and if only few people are excluded from content filter, choose CFS exclusion list to add the excluded users using address objects and groups
  • Choose the Allowed Domains Profile
  • For the action you can choose the CFS default action or if some other action is necessary to be applied on this user group then it is necessary to create a CFS action object

Image
Image911×479 122 KB

NOTE : This configuration might not work if there is a policy which is taking precedence over the one that has been just created. So make sure the policy created is taking precedence over other if the same user group is chosen in few other policies.

https://www.sonicwall.com/en-us/support/knowledge-base/170915092649890

Liquid Layer Networks

Powered by:

HostCheetah Networks
Global Web Hosting, Domain Registration and Internet Services
http://hostcheetah.net | http://hostcheetah.uk