Knowledge Base » Security Policies » Configuring Firewall ACLs and Domain Blocking

Configuring Firewall ACLs and Domain Blocking

GuardAxion Browser Security Security Policies By Bryan Caddy Nov 30, 2025 9:09 PM 6 views

Firewall ACLs and Domain Blocking

Overview

Firewall Access Control Lists (ACLs) control which domains and websites users can access through their browsers.

Creating ACL Rules

Step 1: Navigate to Firewall ACLs

  1. Go to Security Policies > Firewall ACLs
  2. Click Add New Rule

Step 2: Configure Rule

  • Domain Pattern: URL or pattern to match
  • Action: Allow or Block
  • Priority: Execution order (1 = highest)
  • Description: Purpose of the rule

Step 3: Set Conditions

  • Service Classes: Which user groups
  • Time Schedule: When rule is active
  • Exceptions: User or group overrides

Pattern Matching

Exact Domain

example.com

Matches only exact domain

Subdomain Wildcard

*.example.com

Matches all subdomains

Path Matching

example.com/admin/*

Matches specific paths

Multiple Domains

Create separate rules or use category-based blocking

Common ACL Scenarios

Block Social Media (Work Hours)

Domain: *.facebook.com, *.twitter.com, *.instagram.com
Action: Block
Schedule: Monday-Friday, 9am-5pm
Service Class: Standard Employee

Allow Corporate Resources

Domain: *.company.com
Action: Allow
Priority: 1
Service Class: All

Block File Sharing Sites

Domain: *.dropbox.com, *.wetransfer.com
Action: Block
Exceptions: IT Department

Restrict Webmail Access

Domain: gmail.com, yahoo.com, outlook.com
Action: Block
Exceptions: Allow personal email domain

Using Category-Based Blocking

Available Categories

  • Social Networking
  • Streaming Media
  • File Sharing
  • Gambling
  • Adult Content
  • Malware/Phishing
  • Anonymizers/VPN

Creating Category Rules

  1. Select Use Category option
  2. Choose category from list
  3. Set action and priority
  4. Apply to service classes

Whitelist vs Blacklist Approach

Whitelist (Restrictive)

  1. Create default DENY all rule (low priority)
  2. Add ALLOW rules for approved sites (high priority)
  3. Best for high-security environments

Blacklist (Permissive)

  1. Default ALLOW all (low priority)
  2. Add BLOCK rules for prohibited sites
  3. Best for balanced productivity/security

Testing ACL Rules

Before Deployment

  1. Create test service class
  2. Enroll test browser
  3. Verify rules work as expected
  4. Check performance impact

After Deployment

  1. Monitor block events in analytics
  2. Review user feedback
  3. Adjust based on false positives
  4. Document changes

Best Practices

  • Use priority levels effectively (1-100)
  • More specific rules = higher priority
  • Test before wide deployment
  • Document business justification
  • Review blocked sites quarterly
  • Balance security with productivity
  • Use time-based rules for flexibility

Monitoring and Reporting

View blocked attempts:

  1. Analytics Dashboard > Event Log
  2. Filter: Event Type = Block
  3. Export reports for compliance

Was this article helpful?

Still need help? Create a ticket

Related Articles

← Back to Knowledge Base