Author: meyersh created: 09:54, 30 July 2013 (CDT)
- Version: 1
- Revisions: ---
- Reviewed by: ---
Time to implement: < 15m
Products this applies to: SonicWall Firewall
Description & Scope
This SOP describes how to block a URL from access to all campus computers. The expected purpose of this is to block phishing and malware site attacks.
- Management access to firewall
Login to firewall
Direct the browser to http://10.0.0.254 (or http://sonicwall.morningside.edu). You will need to confirm security exceptions because the firewall does not have a valid SSL certificate.
Your Morningside credentials should get you in here.
From the popup, choose "Manage."
Add content to the CFS
Choose Security Services > Content Filter.
Scroll down to CFS custom category. Choose the pencil to configure the "Phishing" category.
Add the domain name to the content field and chose, "Add."
- It is important to note that you need to derive the domain name from the URL. This means, remove the path section and drop the protocol specifier. (See the examples section at the end of this document.)
Note that this blocks all subdomains. Therefore, yahoo.com will match www.yahoo.com and mail.yahoo.com.
Choose OK Accept the changes and log out of the firewall management interface.
Attempt to visit the url of the page you just blocked. It is recommended that you use a different computer or browser to avoid caching issues.
Deriving domain name from URL
Here the protocol is http, the domain is domain.tld and the path is /path/to/file.html