Facebook at Work is a new service from Facebook designed to allow colleagues in organizations to collaborate and network in a similar way to how Facebook users interact in ordinary Facebook:
This article describes how to allow your users access to your corporate Facebook at Work social network, while preventing them from accessing their standard Facebook account
You will need to block most Facebook requests, but allow requests to your corporate page:
As well as several other background domains necessary to display content from Facebook
SSL interception: This is a prerequisite and essential for controlling Facebook traffic as it is almost exclusively served in HTTPS.
Policy to be implemented:
Here is some sample policy which according to testing allows Facebook at work for your Facebook at Work page (e.g. company.facebook.com), but blocks other facebook.com requests:
1) Using CPL policy:
define condition fbatwork
url.domain=company.facebook.com (where company is your company name)
For details about how to install CPL, have a look at this KB article:
How do I add CPL to a local policy file on the ProxySG?
2) Using VPM:
a) Create a new Web Access layer
b) Create a first rule: Source: Any (or a user or group, as you wish) Destination: New > Combined Destination Object > New URL and then add each of these URLs, one at a time:
With this policy, you should be able to open company.facebook.com but you will be denied opening facebook.com