Gustavo's resource recommendation can work, but as he said, there are some limitations regarding performance, rule base structuring and https analysis.

Another method I have used very successfully is to deny the DNS domain from being resolved. This is definitely a "workaround" and not really a method I would promote (the true answer is to buy the URL filtering feature). However, it is very effective at accomplishing what you want.

In SmartDefense, go to the DNS section and enable the domain block feature. Add the domains you want to block out (facebook.com, twitter.com, etc.) and install the policy. This will prevent anyone from being able to resolve those domains, which means that the http/s queries do not even begin.

The limitation here is that a tech-savvy user could attempt to work around this issue by manually adding hosts entries into his hosts files to "hard-code" the domain resolution. However, this is a tedious way for a user to get access to a blocked website, especially if the destination URL changes the host portion of the FQDN.

For the majority of users, this is a very simple workaround which I have successfully implemented a number of times. It works like a charm for most people. Please be aware that it does introduce extra load on the firewall, but it should be lower than implementing an http resource.

Have fun
Matthew

-----Original Message-----
From: Mailing list for discussion of Firewall-1 [mailto:[email protected]] On Behalf Of Francisco Ruiz Ibañez
Sent: 23 February 2010 02:05 PM
To: [email protected]
Subject: [FW-1] Blocking Facebook, Twiter and Messenger with fw1

Hello

We want to restrict access to facebook, twitter and messenger for some people. Can we do it using fw1? I've seen MSN ports defined in services tab but nothing about facebook, twitter and similar applications.

Regards.
=================================================
To set vacation, Out-Of-Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your subscription options, email [email protected]
=================================================
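
The hosts-file limitation described in the reply above can be audited on endpoints. The following is an added example, not part of the original messages or of any Check Point tooling: it scans hosts-file text for entries that pin a blocked domain or one of its subdomains. The domain list, the sample hosts content and the function names are assumptions made for illustration.

```python
import ipaddress

# Assumed policy list: the two domains named in the thread.
BLOCKED_DOMAINS = {"facebook.com", "twitter.com"}

# Constructed sample hosts file; addresses are documentation-range placeholders.
SAMPLE_HOSTS = """\
127.0.0.1       localhost
::1             localhost
# 192.0.2.10    www.facebook.com   (commented out, ignored)
192.0.2.10      www.facebook.com facebook.com
192.0.2.20      API.Twitter.com    # case-insensitive subdomain match
192.0.2.30      notfacebook.com    # different domain, must not match
not-an-ip       twitter.com
"""


def is_blocked(name, blocked=BLOCKED_DOMAINS):
    """True if name equals a blocked domain or is a subdomain of one."""
    name = name.rstrip(".").lower()
    return any(name == d or name.endswith("." + d) for d in blocked)


def find_overrides(hosts_text, blocked=BLOCKED_DOMAINS):
    """Return (line_no, address, hostname) for entries that pin a blocked domain."""
    findings = []
    for line_no, raw in enumerate(hosts_text.splitlines(), start=1):
        # Drop trailing comments, then split into address + hostnames.
        fields = raw.split("#", 1)[0].split()
        if len(fields) < 2:
            continue
        try:
            ipaddress.ip_address(fields[0])
        except ValueError:
            continue  # first field is not an IP address: skip the line
        for host in fields[1:]:
            if is_blocked(host, blocked):
                findings.append((line_no, fields[0], host.rstrip(".").lower()))
    return findings


if __name__ == "__main__":
    for line_no, addr, host in find_overrides(SAMPLE_HOSTS):
        print(f"line {line_no}: {host} pinned to {addr}")
```

On a real endpoint, pass the contents of the local hosts file to `find_overrides` instead of the constructed sample.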
