Allow users to access an approved Twitter page but block all other Twitter pages

book

Article ID: 168331

calendar_today

Updated On:

Products

ProxySG Software - SGOS

Issue/Introduction

Configure the ProxySG appliance to allow access to a specific Twitter page, such as your corporate Twitter page, but block access to all other Twitter pages.
 

Resolution

Perform the following steps:

Note: The following instructions use the Blue Coat Twitter page as an example:
https://twitter.com/bluecoat
 
  1. Because Twitter uses HTTPS for this policy to work, you must enable SSL Interception on the ProxySG appliance. The following knowledge base articles describe how to enable SSL interception for a self-signed certificate or if you have an internal PKI:
  2. Add a new Web Access Layer and a rule to block access to the Twitter page:
    • User-added image
  3. Add a rule to allow access to the specific Twitter page:
    • User-added image​​
  4. Because Twitter uses other pages to load data for the page, add rules to allow the following URLs: 
    - pbs.twing.com
    - abs.twimg.com
    • User-added image
  5. Because Twitter uses HTTPS, add a rule to allow access to tcp://twitter.com or the request for https://twitter.com will not work:
    • User-added image

If you install this policy, users can access the Twitter page twitter.com/bluecoat, but are blocked from accessing other Twitter pages.

If you wanted to have this rule match certain users or groups, you could add a Layer Guard in the Layer that will only allow these certain Users or Groups to match these rules:

User-added image

User-added image

Attachments