How to exclude specific computers from URL Filtering?

I have seen this question a few times on both  internal and external lists so I figured I would write a quick blog on this.

Forefront TMG Beta3 URL filtering feature allows you to create rules that will block or allow traffic based upon the categorization of the URL. For more information the URL filtering feature see the Dotan’s blog post, URL Filtering is Here!.

So you created a rule to block specific access to Restaurant/Dining  URL category like the one below. Replace Restaurant/Dinning with the category of your choice.URL filtering rule

As the admin you need access to  restaurant sites or your day is not complete and with the new rule added above you TMG is blocking you.   Replace “admin” with CEO, President, etc.

You have a few options available at your disposal to give the employee access to the restaurant and dinning web sites.

 Solution 1:

Modify the existing rule and add an exception on either the From tab or the Users tab. In the configuration below the Block rule would not apply to traffic originating from “MyComputer” computer object.  You still need a rule after the block rule that allows traffic out to the Internet.

From tab exception or User tab exception

Solution 2:

Create a new rule above the block rule allowing traffic from “MyComputer” to the Restaurants/Dinning URL category.  You can also create an allow rule for specific users.

 

 

Both solutions work, I personally prefer Solution 1 as it does not require creating additional rules, however on the other hand Solution 2 is a little bit easier to understand with a quick glace at the rule base.  It is nice to have options. :)

 

Author:

Gershon Levitz, Program Manager,  Forefront TMG

Reviewers

Jim Harrison, Program Manager, Forefront TMG