29
The firewall rules should now look like the below picture:
NOTE: that the downside to using FW rules to block/allow websites is that if a user is a member of different
groups in LDAP, and if different rules are created for different groups, it can cause undesirable behavior for a
given user. Firewall rules are processed from top down and rule processing stops as soon as there is a
match. This is why it’s critical to order your rules appropriately.