Sangfor HCI: How to block access Facebook by Web Filtering on Sangfor NGAF.


Sangfor NGAF is a converged security solution providing protection against IPS, advanced threat, malware, viruses, ransomware and web-based attacks using integrated security features like FW, IPS, AV, Anti-malware, APT, URL filtering, Cloud Sandbox, and WAF. Sangfor NGAF uses its own Cloud Sandbox to isolate possible emerging threats that haven’t yet been added to any security database, making it especially effective against 0-day attacks.

This article will guide how to configure block facebook web access with Web Filtering.

1.Network Diagram

2. How to configure

 Step1: Login to NGAF. Go to Objects > Open Content Indentification Database > choose URL Database > Click Add.

In Add URL Category window:

Name: Enter name. Ex: BlockFacebook

URL: Enter www.facebook and *.facebook.

URL Keyword: Enter

Click OK

Step 2: Go to Object > Security Policy Template > choose Content Security. Click Add.

In New windows:

  • Name: Enter name.
  • Schedule: choose Work time (You can set in Object > Schedule > Recurring Schedule).
  • Click URL Filter and click icon PC.

URL Database: scroll down and choose Category is BlockFacebook, which you have create.

You can use the Search tool or choose the Categories in the URL Database below that match the policy you want

Click OK

After set up all parameter. Click Ok

Step 3: Go to Policies > Network Security > Policies. Click Add > choose Policy for Internet Access Scenario.

In Add IP Group windows:

  • Name: Enter Name
  • Soucre: Choose Zone is LAN / Network Object choose LAN IP Group (You can create Network Object in Object tab > Network Object).

Destination: Choose Zone is WAN / Network Object choose All.

Click Next.

In Protection tab: click choose Content Security and scroll down select BlockFB, which you have create.

Action: set Deny.

Click Next and Ok.

Step 4: Result

User can’t access to facebook site


Leave a Reply

Your email address will not be published.


This site uses Akismet to reduce spam. Learn how your comment data is processed.