If patch is NOT installed then block internet, and sometimes intranet

Hello all,

I've played with this concept in the past, but never came up with a complete solution. I have a Custom IPS Signature that can block individual external sites, Google, Yahoo, etc., and I've played a bit with firewall rules to block port 80/8443, but I'm not sure of the "best" way to implement this control using SEP.

Essentially I would like to do the following:

1) Using a host integrity requirement, looking for the existence of a registry key value or an MS Patch.
2) If the registry key is 1, or the MS Patch is missing, then Block Internet access on the client.
3) If the registry key is 2, then Block Internet AND Intranet access on the client.

I thought that maybe I could run a script (every 5 minutes to offset the policy that the SEPM sends down) that imports a custom firewall rule or a custom IP signature? But I'm not 100% sure of the content of those rules; I could use a little help authoring them.

I'm open to any other suggestions as to how I might accomplish this control.

Thanks for your time,
-Mike
