How to block HTTP access to top-level domains using Application Firewall

Description

How to block HTTP access to top-level domains using Application Firewall

Resolution for SonicOS 7.X

This release includes significant user interface changes and many new features that are different from the SonicOS 6.5 and earlier firmware. The below resolution is for customers using SonicOS 7.X firmware.


  • Login to the SonicWall Management GUI
  • Navigate to the Object |Match Objects | Match Objects.
  • Click on Add New Match Object to open the Add/Edit Match Object window.
  • Enter the following information and click on SAVE.

Note: The top-level domains listed here are examples. You could add domains of your choice.

      Image


  • Navigate to the Policy | Rules and Policies | App Rules page.
  • Click on the Add New Policy button to open the Edit App Control Policy window.
  • Enter the following information and click on OK.

      Image


  • Navigate to the Policy | Rules and policies| App Rules | Settings 
  • Enable the check-box Enable App Rules

      Image


Resolution for SonicOS 6.5

This release includes significant user interface changes and many new features that are different from the SonicOS 6.2 and earlier firmware. The below resolution is for customers using SonicOS 6.5 firmware.


  • Login to the SonicWall Management GUI
  • Navigate to the Manage | Objects | Match Objects.
  • Click on Add New Match Object to open the Add/Edit Match Object window.
  • Enter the following information and click on SAVE.

Note: The top-level domains listed here are examples. You could add domains of your choice.

     Image


  • Navigate to the Manage | Rules | App Rules page.
  • Click on the Add New Policy button to open the Edit App Control Policy window.
  • Enter the following information and click on OK.

     Image


  • Navigate to the Manage | Rules | App Rules | Settings 
  • Enable the check-box Enable App Rules

       Image


Resolution for SonicOS 6.2 and Below

The below resolution is for customers using SonicOS 6.2 and earlier firmware. For firewalls that are generation 6 and newer we suggest to upgrade to the latest general release of SonicOS 6.5 firmware.


  • Login to the SonicWall Management GUI
  • Navigate to the Firewall | Match Objects page ( In older SonicOS firmware, this page would be under Application Firewall | Match Objects)
  • Click on Add New Match Object to open the Add/Edit Match Object window.
  • Enter the following information and click on OK

Note: The top-level domains listed here are examples. You could add domains of your choice.

Image

  • Navigate to the Firewall | App Rules page.
  • Click on the Add New Policy button to open the Edit App Control Policy window.
  • Enter the following information and click on OK.

Image

  • Enable the check-box Enable App Rules.
Image


Testing:

From a host behind the SonicWall try to access search.xxx and you will get the following error in the web-browser:

Image
The following messages will be logged in the SonicWall under Log | View
Image

Related Articles

  • SonicOS 8.1.0 FAQ
    Read More
  • SonicWall GEN8 TZs and GEN8 NSas Settings Migration
    Read More
  • Getting started with SonicWall firewalls
    Read More

Categories

Firewalls
SonicWall NSA Series
Firewalls
SonicWall SuperMassive 9000 Series
Firewalls
SonicWall SuperMassive E10000 Series
Firewalls
TZ Series
not finding your answers?
Ask the Community