Restrict Google Apps to Allowed Domains

You can use the HTTPS proxy (with content inspection enabled) to block user access to personal Google services. You can specify which domains are allowed to use Google services. For example, you can allow domains used for Google for Work services, but block user connections to Google Gmail or other personal Google service accounts. Because most Google services are SSL encrypted, you must enable content inspection in the HTTPS proxy.

When you enable this feature, the web proxy server on the Firebox inserts an X-GoogApps-Allowed-Domains HTTP header, followed by a comma-separated allowed domain name list, into all requests for *.google.com.

Google services that do not require authentication, such as Google Search or YouTube, cannot be blocked.

To configure allowed domains for Google Apps access:

  1. Enable content inspection in an HTTPS proxy action.
  2. Select the Restrict Google Apps to Allowed Domains check box.

HTTPS Proxy Action - Allowed Google Domains
Allowed Google Domains configuration in Fireware Web UI

HTTPS Proxy Action - Allowed Google Domains
Allowed Google Domains configuration in Policy Manager

  1. To add a domain, type the domain in the text box and click Add.
    For example, type example.com.
  2. To remove a domain from the list, select the domain and click Remove.
  3. Save the configuration.

See Also

About Proxy Policies and ALGs

About the HTTPS-Proxy

Give Us Feedback     Get Support     All Product Documentation     Technical Search