Thank you, Giftson. However, can you help me with the proper way to configure the blocking ofhttps://www.facebook.com? When you say it is weak, in what way? And how do I may it stronger? Thanks in advance.Thank you, Giftson. However, can you help me with the proper way to configure the blocking of https://www.facebook.com? When you say it is weak, in what way? And how do I may it stronger?
Thanks in advance.
You can't post conmments that contain an email address.
- If you need clarification, ask it in the comment box above.
- Better answers use proper spelling and grammar.
- Provide details, support with references or personal experience.
Tell us some more! Your answer needs to include more details to help people.You can't post answers that contain an email address.Please enter a valid email address.The email address entered is already associated to an account.Login to postPlease use English characters only.
Tip: The max point reward for answering a question is 15.
Setup a proxy server and black list facebook.com that is the easiest way. Route all users to the proxy server and set premissions that does not let them change the proxy settings.
firewall, go through firewall or internet security settings and facebook should show up on a list. if you are a a job, some jobs put a firewall block on facebook. try https//www.facebook.com. only thing different is the httpS. very important.
Most probably the access to facebook is blocked from your windows or network firewall. The administrator of the PC or network has to remove the RULE from firewall(s) that deny access to facebook site.
If above is not possible (e.g. in case it was made on purpose by the administrator, e.t.c.): Alternative you can try to connect to facebook through proxies that can bypass your firewall. Below you can see some of these proxies. Just go there, type www.facebook.com in the URL box and press go. Whala!!!
Well the way that these filters work is that they look for the EXACT address: www.facebook.com. To fix this you’ll want to add https://www.facebook.com and http://www.facebook.com. This will help the filter to see all combinations and block them all.
Remember, you need to configure DNS on the ScreenOS device before the address book items can resolve the DNS to an IP address.
In this example, we assume the hostname is SSG5, the domain name is abc.com, the primary DNS is 1.1.1.1, and the secondary DNS is 1.1.1.2
Click Network > DNS
Host Name: SSG5
Domain Name: abc.com
Primary DNS Server: 1.1.1.1
Secondary DNS Server: 1.1.1.2
Click Apply
Click Objects > Addresses > List
Select Untrust
Click New
Address Name: www.facebook.com
Click domain name, and enter www.facebook.com
Zone: Untrust
Click OK
Click Objects > Addresses > Group
Zone: Untrust
Click New
Group Name: Facebook
Move www.facebook.com from Available Members to Group Members by clicking the << button
Click OK
Click Policies
Select From Trust to Untrust, then click New
Source Address: Click Address Book, and select ANY
Destination Address: Click Address Book, and select facebook
Service: ANY
Action: DENY
Click OK
hope this helps you
Just upgrade to the IPS (instrusion prevention subscription) for your 2040 and check Prevent ALL for HIGH, MEDIUM and LOW (LOW blocks Facebook like a champ). You'll find some other services blocked as well such as Terminal Services, but you can filter individual LOW priority attacks to allow those connections in (I recommend VPN for Terminal services anyway).
I actually was looking for a way to OPEN connections to Facebook while preventing LOW priority attacks and found your post.
Thank you, Giftson. However, can you help me with the proper way to configure the blocking ofhttps://www.facebook.com? When you say it is weak, in what way? And how do I may it stronger?
Thanks in advance.
×