How to allow facebook through firewall
How to allow Facebook access only during lunch hours using App Control Advanced in SonicOS
11/24/2022 30 People found this article helpful 193,131 Views
Description
How to allow Facebook access only during lunch hours using App Control Advanced
Resolution
Resolution for SonicOS 7.X
This release includes significant user interface changes and many new features that are different from the SonicOS 6.5 and earlier firmware. The below resolution is for customers using SonicOS 7.X firmware.
Create a Schedule for Lunch Hours:
- Navigate to OBJECT ||MATCH OBJECT ||SCHEDULE:
- Click on Add
- Provide a Schedule Name and configure the Schedule as per the screenshot below
NOTE: In this scenario, we are scheduling Facebook access only during lunch hours. The days and the timings can be set as per your requirement.
Schedule Type is of three types:
- ONCE
- Recurring
- Mixed
ONCE: For a one-time schedule between the configured Start and End times and dates. When selected, the fields under Once become available, and the fields under Recurring become dimmed.
RECURRING: For a schedule that occurs repeatedly during the same configured hours and days of the week, with no start or end date. When selected, the fields under Recurring become available, and the fields under Once become dimmed.
MIXED: For a schedule that occurs repeatedly during the same configured hours and days of the week, between the configured start and end dates. When selected, all fields on the page become active.
TIPS:
- Time must be in 24-hour format, for example, 17:00 for 5 pm.
- If the fields under Once are available, configure the:
- Starting date and time by selecting the Year, Month, Date, Hour, and Minute from the drop-down menu in the Start row.
- The hour is represented in 24-hour format.
- Ending date and time by selecting the Year, Month, Date, Hour, and Minute from the drop-down menu in the End row. The hour is represented in 24-hour format.
- If the fields under Recurring are available:
- Select the checkboxes for the days of the week to apply to the schedule or select All.
- Enter the time of day for the schedule to begin in the Start Time field.
- Enter the time of day for the schedule to stop in the Stop Time field.
Configuring Schedules in Gen7 SonicOS:Configuring Different Types of Schedules in Gen7 SonicOS
Block Facebook using App Control Advanced and apply the Schedule:
- Navigate to POLICY ||SECURITY SERVICES || App Control.
- Set the category to Social Networking.
- In the Application drop down menu, Select Facebook.
- Click on the icon next to Facebook and set the Block to Enable and Log to Enable.
- In the Schedule drop down menu, Select "Facebook Lunch" and click on OK to save the settings.
Enable App Control on the Zones required:
- Navigate to POLICY ||MATCH OBJECT | Zones
- Edit the Zone Required and check the Enable App Control Service option to apply the App Control to the devices on that Zone.
Resolution for SonicOS 6.5
This release includes significant user interface changes and many new features that are different from the SonicOS 6.2 and earlier firmware. The below resolution is for customers using SonicOS 6.5 firmware.
Create a Schedule for Lunch Hours:
- Navigate to System | Schedules
- Click on Add
- Provide a Schedule Name and configure the Schedule as per the screenshot below
NOTE: In this scenario, we are scheduling Facebook access only during lunch hours. The days and the timings can be set as per your requirement.
In the above screenshot, two schedules are created in the schedule list, One is from 00:00 hours to 12 noon and the other schedule is from 13:30 hours to 24:00 hours and the same rule will be applying from Monday through Friday.
Block Facebook using App Control Advanced and apply the Schedule:
- Navigate to Firewall | App Control Advanced
- Set the category to Social Networking
- In the Application drop down menu, Select Facebook.
- Click on the icon next to Facebook and set the Block to Enable and Log to Enable.
- In the Schedule drop down menu, Select Facebook for Lunch and click on OK to save the settings.
Enable App Control on the Zones required:
- Navigate to Network | Zones
- Edit the Zone Required and check the Enable App Control Service option to apply the App Control to the devices on that Zone.
- At this point Facebook should be allowed only during Lunch Hours (12:00 to 13:30 hours)
Related Articles
- How to configure Tunnel interface VPN between SonicWall and Sophos Firewall
- How to configure Site-to-Site IPsec VPN between SonicWall and Sophos Firewall
- Unable to enable Memory Integrity on Windows due to Netextender Driver incompatibility
Categories
- Firewalls > TZ Series
- Firewalls > SonicWall SuperMassive E10000 Series
- Firewalls > SonicWall SuperMassive 9000 Series
- Firewalls > SonicWall NSA Series
Was This Article Helpful?
YESNO
How can I block social networking sites (eg. Facebook) using Application Control Advanced?
09/27/2022 140 People found this article helpful 204,069 Views
Description
The application signature databases that were previously included with SonicWall intrusion prevention service (IPS) are now part of the Application Control feature. These signature databases are used to protect users from application vulnerabilities as well as worms, Trojans, peer-to-peer transfers, spyware and backdoor exploits. The extensible signature language used in SonicWall’s deep packet inspection engine also provides proactive defense against newly discovered application and protocol vulnerabilities.
The configuration method on the App Control Advanced page allows granular control of specific categories, applications, or signatures. This includes granular logging control, granular inclusion and exclusion of users, groups, or IP address ranges, and schedule configuration. The settings here are global policies and independent from any custom App Rules policy.
This article describes the method to block social networking sites Facebook, LinkedIn and SnapChat individually.
Resolution
Resolution for SonicOS 7.X
This release includes significant user interface changes and many new features that are different from the SonicOS 6. 5 and earlier firmware. The below resolution is for customers using SonicOS 7.X firmware.
- Login to the SonicWall management GUI.
- Click Manage in the top navigation menu.
- Navigate to the Policy | Security Services | App Control page.
- Check the box under Enable App Control and click Accept.
5. Navigate to Signatures
6. Select category SOCIAL NETWORKING
- Under Application, select the applications that you want to block, one by one. In this example we select the following.
- SnapChat
- After selecting each application, click configure button to open the Edit App Control App window.
- Set Block to Enable.
- Set Log to Enable.
- Click OK .
Log Messages
When hosts behind the SonicWall try to access www. facebook.com, www.snapchat.com will get blocked and the following messages will be logged.
Resolution for SonicOS 6.5
This release includes significant user interface changes and many new features that are different from the SonicOS 6.2 and earlier firmware. The below resolution is for customers using SonicOS 6.5 firmware.
- Login to the SonicWall management GUI.
- Click Manage in the top navigation menu.
- Navigate to the Policies | Rules | Advanced Application Control page.
- Check the box under Enable App Control and click Accept at the bottom of the page.
- Under View Style: Category, select SOCIAL NETWORKING.
- Under Application, select the applications that you want to block, one by one. In this example we select the following.
- SnapChat
- After selecting each application, click configure button to open the Edit App Control App window.
- Set Block to Enable.
- Set Log to Enable.
- Click OK .
Log Messages
When hosts behind the SonicWall try to access www.facebook.com, www.snapchat.com will get blocked and the following messages will be logged.
Resolution for SonicOS 6.2 and Below
The below resolution is for customers using SonicOS 6.2 and earlier firmware. For firewalls that are generation 6 and newer we suggest to upgrade to the latest general release of SonicOS 6.5 firmware.
- Login to the SonicWall management GUI.
- Navigate to the Firewall | App Control Advanced page.
- Check the box under Enable App Control and click Accept at the top of the page.
- Under View Style: Category, select SOCIAL NETWORKING.
- Under Application, select the applications that you want to block, one by one. In this example we select the following.
- SnapChat
- After selecting each application, click configure button to open the Edit App Control App window.
- Set Block to Enable.
- Set Log to Enable.
- Click OK .
Log Messages
When hosts behind the SonicWall try to access www.facebook.com, www.snapchat.com hey will get blocked and the following messages will be logged:
Related Articles
- How to configure Tunnel interface VPN between SonicWall and Sophos Firewall
- How to configure Site-to-Site IPsec VPN between SonicWall and Sophos Firewall
- Unable to enable Memory Integrity on Windows due to Netextender Driver incompatibility
Categories
- Firewalls > NSa Series > Application Firewall
- Firewalls > NSv Series > Application Firewall
- Firewalls > TZ Series > Application Firewall
Was This Article Helpful?
YESNO
Risks when allowing application communication in Windows Defender Firewall
Security Windows 10 Microsoft Defender More. ..Less
There are two ways to allow communication with an application in Windows Defender Firewall. Both of them are risky.
When you open a port in the Windows Defender Firewall, you allow traffic to or from the device as if you were snoozing holes in the firewall. This makes your device less secure and may allow hackers or malware to use one of these holes to gain access to files or use your device to spread malware to other devices. nine0003
In general, adding an application to the allowed list is safer than opening a port. The port remains open until you close it, and an allowed application only opens the "hole" when needed.
To reduce the security risk:
-
Allow communication with an application or open ports only if it is really necessary, and remove unnecessary applications from the list of allowed ones or close unnecessary ports. nine0003
-
Never allow an application that you don't know to communicate through the firewall.
-
Open the Start menu , type Allow an application in Windows Firewall and select the appropriate result from the list.
-
Select Change parameters . You may be asked to enter an administrator account password or confirm your choice.
-
To add an application, select the checkbox next to the application, or select Allow another application and enter the path to the application.
-
To remove an application, uncheck the box next to this application and press the 9 button0026 OK.
-
Open menu Start , type Windows Defender Firewall and select it from the list of results.
-
Click More options in the navigation menu on the left. You may be asked to enter an administrator account password or confirm your choice. nine0003
-
Select Inbound rules .
-
To open the port, select Create rule and follow the instructions.
-
To close a port, select the rule you want to disable, and then under Actions select Disable rule. nine0027
See also
Checking firewall settings
Firewall and network protection with Windows Security
How do I allow or prevent an application from posting on Facebook on my behalf?
Help Center
Using Facebook
Applications
We are updating the mobile version of Facebook.com. More
If you allow an app to share your activities on Facebook, it can post to your Feed, timeline, or group about your interactions with it (for example, when you listen to an album or finish a run).
To allow or block the app from posting to your Timeline or group:
Click the icon in the upper right corner of the Facebook window. nine0003
Scroll down and click Settings.
Click Apps & Sites and then Facebook Sign In.
Click on the name of the application, scroll down and select Post as you or Post content in groups on your behalf.
Press to enable or disable this feature.
Scroll down and select Save.
Can my Facebook friends using the same app tag me in posts that the app posts on their behalf? nine0003
If your friends are using the same app, changing these settings will not affect their ability to tag you in the app's posts. However, you can remove these posts from your Timeline. Learn more about how to control who can see your activity in the app.
Note. This option may not be available for all applications. If you don't see it, the app can't post on your behalf.