Contents

Restrict Google Apps to Allowed Domains

You can use the HTTPS proxy (with content inspection enabled) to block user access to personal Google services. You can specify which domains are allowed to use Google services. For example, you can allow domains used for Google for Work services, but block user connections to Google Gmail or other personal Google service accounts. Because most Google services are SSL encrypted, you must enable content inspection in the HTTPS proxy.

When you enable this feature, the web proxy server on the Firebox inserts an X-GoogApps-Allowed-Domains HTTP header, followed by a comma-separated allowed domain name list, into all requests for *.google.com.

Google services that do not require authentication, such as Google Search or YouTube, cannot be blocked.

To restrict Google Apps to allowed domains:

  1. Enable content inspection in an HTTPS proxy action. For more information, see HTTPS-Proxy: Content Inspection.
  2. In the HTTPS proxy action Content Inspection settings, adjacent to the Google Apps setting, click Edit.
  3. Select the Restrict Google Apps to Allowed Domains check box.

HTTPS Proxy Action - Allowed Google Domains

Allowed Google Domains configuration in Fireware Web UI

HTTPS Proxy Action - Allowed Google Domains

Allowed Google Domains configuration in Policy Manager

  1. To add a domain, type the domain in the text box and click Add.
    For example, type example.com.
  2. To remove a domain from the list, select the domain and click Remove.
  3. Save the configuration.

See Also

About Proxy Policies and ALGs

About the HTTPS-Proxy

Give Us Feedback  ●   Get Support  ●   All Product Documentation  ●   Technical Search