This guide will show you how to block various applications for certain users according to a time schedule. An example of the type of configuration required is:
- Do not allow kids on the Internet after 9:30 pm during a school day (Monday to Friday)
- Do not allow kids to have access to Internet at all on a Sunday
- Do not allow kids to use Messenger, Skype, Yahoo or ICQ
- Do not allow kids D/L songs on Limewire, Kazza, Azerus or some other P2P / Torrent type app.
- Allow unrestricted access to other members of the household
The steps required are:
- Configure router Time and Date
- Create Time Objects
- Create App Enforcement profiles
Step1: Configure Router Time and Date
It is essential to have the correct Time and Date in the router.
Go to “System Maintenance >> Time and Date” configuration menu.
Select the Time Zone that corresponds to your area and ensure NTP servers are entered. Click OK to save the setting.
Step2: Create Time Objects
Here we create two time objects:
- Monday to Friday 9:30 pm to 6:00 am
- All day Sunday
|Go to “Firewall >> Time Object” configuration menu.
Click on Add and enter a profile name.
For profile 1, enter the time range and select the days required
For Profile 2, Select All Day and Sunday.
Click OK to save profiles
Step3: Create App Enforcement Profiles
Here we create the App Enforcement profiles to block Messenger, Skype, Yahoo, ICQ, Limewire, Kazza, Azerus or some other P2P / Torrent type apps.
|Go to “CSM >> APP Enforcement” configuration menu.
Select “Enable App Enforcement”
Click on Add Entry and configure a new profile.
Enter details as shown in the diagram.
Here we have entered a single IP address which will have the restrictions applied to.
Select Block for action.
Select Time Object
Click on P2P tab and select applications to block.
To block Internet Messenger applications, click on IM tab and select required applications.
When complete Click on OK to save this profile.
Repeat these steps to create another profile. The only difference with the second profile is the Time Object will be different (Sunday).
Note: Only new sessions will be blocked by the firewall when the firewall rule comes into effect. Existing sessions will not be affected.
Applying the App Enforcement Profiles to a Range of IP Addresses
The example shown above shows the App Enforcement applying to a single IP address.
To apply the profiles to a range of IP addresses you will need to specify the IP address and the appropriate subnet mask (IP address/Subnet Mask).
For example to apply the rules to IP address range 192.168.1.96 to 192.168.1.103, we can use the IP address 192.168.1.100 and subnet mask of 255.255.255.248.