topic Re: Whitelisting and managing URL access per User in SASE and Remote Access

Whitelisting and managing URL access per User

championc1 — Thu, 14 Dec 2023 12:02:50 GMT

What is the best way to Whitelist and Manage Internet Access for individual users ? Is there any way of creating a Dynamic List of Usernames / AD names to URL's permitted.

Website access is blocked by Categories, but sometimes exceptions need to be made for specific individuals. Adding a rule per user in Access Control > Internet Access is not an option. And in most cases, providing access to a whole department would not be wanted to be allowed.

Thanks in advance

Re: Whitelisting and managing URL access per User

the_rock — Thu, 14 Dec 2023 12:14:40 GMT

I always found, and this is just my personal opinion, best way to do this is with access roles in the rule. Though, to do so, you need to have IA blade enabled.

I worked with customer few years ago that came from Cisco world and they really like CP layered approach where you can utilize access roles in say network layer and then use another ordered layer for urlf+appc restrictions (along with https inspection if needed)

Andy

Re: Whitelisting and managing URL access per User

championc1 — Thu, 14 Dec 2023 12:51:37 GMT

Thanks for that @the_rock

So how does the IA Blade get referenced by Harmony Connect ? I'm assuming that IA will only relate to the on LAN clients rather than for the Remote clients.

Re: Whitelisting and managing URL access per User

the_rock — Thu, 14 Dec 2023 12:55:31 GMT

You are talking about harmony connect, got it...sorry, I touched that literally once in my life, so wont even try to give advice on it. Maybe someone else can clarify. Access roles would more relate to LAN side, correct.

Andy

Re: Whitelisting and managing URL access per User

championc1 — Thu, 14 Dec 2023 12:57:14 GMT