Adding Custom Rules

Jamf Protect Documentation
Solution
Application
Content Type
Technical Documentation
Utilities & Services
ft:locale
en-US

You can apply custom rules to allow traffic for specific sites and apps that are otherwise blocked by existing rules.

Custom rules override content rules. For example, if you use a content rule to block all sites in the "Video and photo" category, and a custom rule that allows http://www.pbskids.org, videos on pbskids.org will not be blocked. Similarly, if the content rule is set to allow the "Video and photo" category, but a custom rule blocks http://www.pbskids.org, all sites in the "Video and photo category" will be allowed, except pbskids.org.

  1. In Jamf Security Cloud, go to Policies > Internet > Content filtering policy.
  2. Select the Custom rules tab.
  3. Under Add custom rules, specify the sites and apps for which you want to create a custom rule.

    You can either enter the list manually, or upload a CSV file. Valid formats include:

    • Domain names (for example, jamf.com): A rule based on a domain name will include all subdomains of that domain. For example, a rule that allows the domain jamf.com will also allow learn.jamf.com and company.jamf.com

    • Second-level domains with an asterisk wildcard (for example, jamf.*): A rule based on a second-level domain with an asterisk wildcard will include all possible top-level domains and subdomains. For example, a rule that blocks jamf.* will block jamf.com, jamf.org, learn.jamf.com, company.jamf.co.uk, and so on.

    • Top-level domains (for example, com or org): A rule based on a top-level domain (TLD) will include all domains ending in that TLD. For example, a rule that blocks com will block any domain that ends in .com. You can also limit access to web content from certain countries or regions by blocking domains that contain specific country code TLDs.

    • IPv4 and IPv6 addresses, subnets, and ranges

  4. Click Allow or Block, depending on how you want to apply the custom policy to this list.
  5. Click Add Custom rules.
  6. Under Custom Rules, you can further configure each policy rule.
    1. Select the platforms and traffic interfaces, then click Allow or Block, as required.
    2. (Optional) Select one or more policy schedules from the Schedule column to apply the rule only during specified days and times.
    3. (Optional) Select Inherit all to inherit all the rules in the category from the level above.
  7. Click Save and apply.

The policy rules are applied to devices within the scope of the selected Organization Unit level.