AnsweredAssumed Answered

EndPoint Security URL Filtering

Question asked by Juan Concepcion on Mar 29, 2018
Latest reply on Apr 8, 2018 by Gaurav Pandya

URL Filtering for Endpoint Security.  Presently this is how it's accomplished which is daunting and unmanageable when is this slated to be fixed:

 

Note: This procedure needs to be repeated after every URL filtering policy change.

Configuring URL Filtering - One-computer deployment

To prepare to deploy the URL Filtering blade as part of Endpoint Security clients:

  1. Install an R75.40 Security Gateway (R75.40 only). Can be a Virtual Machine.
  2. Connect with SmartDashboard to the Security Management Server.

  3. Open the R75.40 Security Gateway object properties.

  4. Enable the URL Filtering blade - click on OK.

  5. Go to the Application & URL Filtering tab - in the left tree, click on Policy - define the relevant rules.

  6. Install the security policy on the R75.40 Security Gateway.

  7. Connect to the command line on the Security Management Server.

  8. Log in to the Expert mode.

  9. Run one of these commands to fetch the URL Filtering into the Endpoint policy:

    • [Expert@HostName:0]# eps_policy_fetcher fetchlocal -g <Name of Security Gateway object>

      For example, eps_policy_fetcher fetchlocal -g GW1
    • [Expert@HostName:0]# eps_policy_fetcher fetchlocal -d $FWDIR/state/<Name of Security Gateway object>/FW1

      For example, eps_policy_fetcher fetchlocal -d $FWDIR/state/GW1/FW1/
  10. Connect with SmartEndpoint GUI to the Endpoint Security Server.

  11. Go to the Policy tab.

  12. In the URL Filtering rule, make sure that there is an indication that the Security Gateway policy is available for endpoints.

    Example:

 

Configuring URL Filtering - Distributed deployment

To prepare to deploy the URL Filtering blade as part of Endpoint Security clients:

  1. Connect with SmartDashboard to the Security Management Server.

  2. Open the R75.40 Security Gateway object properties.

    Note: Install an R75.40 Security Gateway (R75.40 only). Can be a Virtual Machine.
  3. Enable the URL Filtering blade - click on OK.

  4. Go to the Application & URL Filtering tab - in the left tree, click on Policy - define the relevant rules.

  5. Install the security policy on the R75.40 Security Gateway.

  6. Copy all the files from the $FWDIR/state/<Name of Security Gateway object>/FW1/ directory on the Security Management Server to the $FWDIR/state/__tmp/FW1/directory on the Endpoint Security Management Server.

    Important Note: If you copy these files via a Windows-based computer, then after transferring them to the Endpoint Security Management Server, it is necessary to run the following command:
    dos2unix $FWDIR/state/__tmp/FW1/*

  7. Connect to the command line on the Endpoint Management Server.

  8. Log in to the Expert mode.

  9. Run the following command to fetch the URL Filtering into the Endpoint policy:

    [Expert@HostName:0]# eps_policy_fetcher fetchlocal -d $FWDIR/state/__tmp/FW1
  10. Connect with SmartEndpoint GUI to the Endpoint Security Server.

  11. Go to the Policy tab.

  12. In the URL Filtering rule, make sure that there is an indication that the Security Gateway policy is available for endpoints.

Outcomes