Managing Protocols White List
The Protocols White List lets you selectively allow network communication over any supported protocol regardless of existing protocol blocking settings. The white list is most effective in “least privilege” scenarios when you block all protocol traffic and then specifically authorize only resources required for employees to perform their daily job duties. Resources in the white list can be identified by IPv4 or IPv6 addresses.
For example, suppose that you deny all users access to the SMTP and Web Mail protocols, and then use the white list to let certain users send mail to specific e-mail addresses so that the users can perform their job tasks. By applying these security policies, you can minimize potential risks of data leakage, theft, and misuse.
Under the Protocols > White List node in the console tree, you can see a list of users and groups that have a protocols white list specified. Protocols in the white list can be specified individually for every user and group.
The shortcut menu of the protocols white list provides the following commands:
Delete User - Deletes the user or group from the white list.
Manage - Opens a dialog box where you can set or change the online (regular) white list.
Manage Offline - Opens a dialog box where you can set or change the offline white list.
Load - Loads a previously saved regular white list from an external file.
Load Offline - Loads a previously saved offline white list from an external file.
Save - Saves the regular white list to an external file.
Save Offline - Saves the offline white list to an external file.
Undefine - Resets the entire regular white list to the unconfigured state. Available only in DeviceLock Group Policy Manager and DeviceLock Service Settings Editor.
Undefine Offline - Resets the entire offline white list to the unconfigured state. If the offline white list is undefined, the regular white list is applied to offline client computers.
Remove Offline - Blocks the inheritance of the offline white list and enforces the regular white list. Available only in DeviceLock Group Policy Manager and DeviceLock Service Settings Editor.
For further details, see White List Management Tasks.