I have seen this question a few times on both internal and external lists so I figured I would write a quick blog on this.
Forefront TMG Beta3 URL filtering feature allows you to create rules that will block or allow traffic based upon the categorization of the URL. For more information the URL filtering feature see the Dotan’s blog post, URL Filtering is Here!.
So you created a rule to block specific access to Restaurant/Dining URL category like the one below. Replace Restaurant/Dinning with the category of your choice.
As the admin you need access to restaurant sites or your day is not complete and with the new rule added above you TMG is blocking you. Replace “admin” with CEO, President, etc.
You have a few options available at your disposal to give the employee access to the restaurant and dinning web sites.
Modify the existing rule and add an exception on either the From tab or the Users tab. In the configuration below the Block rule would not apply to traffic originating from “MyComputer” computer object. You still need a rule after the block rule that allows traffic out to the Internet.
Create a new rule above the block rule allowing traffic from “MyComputer” to the Restaurants/Dinning URL category. You can also create an allow rule for specific users.
Both solutions work, I personally prefer Solution 1 as it does not require creating additional rules, however on the other hand Solution 2 is a little bit easier to understand with a quick glace at the rule base. It is nice to have options. :)
Gershon Levitz, Program Manager, Forefront TMG
Jim Harrison, Program Manager, Forefront TMG