This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Extreme Networks
- Community List
- Legacy
- Extreme Cloud
- RE: White List Websites with ExtremeCloud Solution
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
White List Websites with ExtremeCloud Solution
White List Websites with ExtremeCloud Solution
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
02-02-2017 08:41 AM
We habe some Customers from medical Business which wants a Solution with 2 or 3 Access Points in Public Spots of small Hospitals.
They demand a solution with 2 Networks, a SSID with a short Passwort "1234" but only Access to 4 or 5 Special Websites (CNN / Healthcare ) and a SSID with a strong Password for employes.
Can i build a SSID / Network that only contains some Websites ?? I have found IP Block / Deny and Application Block and Allow but no Point of "Whitelist Websites". Of Course i could allow IP but this ist not usable with big News Sites.
They demand a solution with 2 Networks, a SSID with a short Passwort "1234" but only Access to 4 or 5 Special Websites (CNN / Healthcare ) and a SSID with a strong Password for employes.
Can i build a SSID / Network that only contains some Websites ?? I have found IP Block / Deny and Application Block and Allow but no Point of "Whitelist Websites". Of Course i could allow IP but this ist not usable with big News Sites.
4 REPLIES 4
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
06-22-2017 05:07 PM
Hi. Thanks to your questions and answers, I have written a procedure that will be included in the customer documentation for 4.01.01. Here is a peek, although the nice formatting we will have cannot be replicated here:
Whitelisting One or More Applications
You can create a policy to block everything except a single application or small group of applications (or web sites).
To whitelist one or more applications:
1. Select Roles from the menu.
2. Select Add to add a new role. Alternatively, select an existing role and select Configure Role.
3. Create a Deny policy to block everything. This policy can be assigned to a public user SSID.
4. Add an extended application policy to allow a single web site. From the Configure Role page, select New Application Policy.
A new row is added to the Rules list.
5. Select the Edit (pencil) icon and configure the application rule.
6. Next to the Application field, select the Edit (pencil) icon.
The Custom Applications dialog opens.
7. Select Create New Application and configure the fields in the Application Setting dialog that opens.
For example, to allow access to www.companyname.com, enter Web Applications as the group,
Company Name as the name, and www.companyname.com as the pattern.
Group - Specify the application group to which the application belongs. The groups are pre-defined and cannot be customized.
Name - Enter a unique name for the custom application.
Pattern - Enter all or part of a fully qualified domain name (FQDN). The rule will match if the text that you enter appears anywhere in the host header of HTTP traffic. Example: The pattern companyname will match 'www.companyname.com', 'companyname.com' and 'http://www.company-name.com'. The match is case sensitive, so the pattern will not match 'Companyname.com'.
8. Repeat step 4-7 as needed to add additional individual web sites that each allow one web site. For
example, if you want to allow five web sites, make an extended application rule for each web site, for
a total of 5 extended application rules.
Whitelisting One or More Applications
You can create a policy to block everything except a single application or small group of applications (or web sites).
To whitelist one or more applications:
1. Select Roles from the menu.
2. Select Add to add a new role. Alternatively, select an existing role and select Configure Role.
3. Create a Deny policy to block everything. This policy can be assigned to a public user SSID.
4. Add an extended application policy to allow a single web site. From the Configure Role page, select New Application Policy.
A new row is added to the Rules list.
5. Select the Edit (pencil) icon and configure the application rule.
6. Next to the Application field, select the Edit (pencil) icon.
The Custom Applications dialog opens.
7. Select Create New Application and configure the fields in the Application Setting dialog that opens.
For example, to allow access to www.companyname.com, enter Web Applications as the group,
Company Name as the name, and www.companyname.com as the pattern.
Group - Specify the application group to which the application belongs. The groups are pre-defined and cannot be customized.
Name - Enter a unique name for the custom application.
Pattern - Enter all or part of a fully qualified domain name (FQDN). The rule will match if the text that you enter appears anywhere in the host header of HTTP traffic. Example: The pattern companyname will match 'www.companyname.com', 'companyname.com' and 'http://www.company-name.com'. The match is case sensitive, so the pattern will not match 'Companyname.com'.
8. Repeat step 4-7 as needed to add additional individual web sites that each allow one web site. For
example, if you want to allow five web sites, make an extended application rule for each web site, for
a total of 5 extended application rules.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
05-05-2017 12:24 PM
If you go to VNS->Roles you can create a policy to block everything. That could be assigned to the public user ssid. Then add another 5 policies to allow to the 5 websites. Vns-Roles->choose a role or make a new one and then select that role ->select the Policy Rules tab->click add->select l7 radio button->click "Custom Web Application"->click "+" to make a new one->then choose group: Web Application, type: Host name, Matching Patterns:cnn.com. This would allow traffic to cnn.com.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
02-02-2017 12:51 PM
i dont want to filter apps i want to have a whitelist of Websites ... for instance www.cnn.com and drop all other sites ...
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
02-02-2017 11:27 AM
I believe you can do it. Define rules what will allow your apps first. Last rule will be drop unknown apps. The rule before the last will be drop all other known...
Regards
Zdeněk Pala
