Block TLDs with ZScaler ZIA

accesspolicy

(Alex) #1

Is there an option with ZScaler to block TLDs?


(Scott Bullock) #2

Hi Alex, I just DM’d you the ER number, your Customer Success manager will be able to provide more updates in this regard.

With a lens on the use-case, which TLD’s are you looking to block and why?


#3

For us it’s because in schools, much content on TLDs such as .io and .tv is garbage which they would like for students to avoid.
Plus other filter vendors support this such as:
Cisco:


Lightspeed:

MacAfee:

OpenDNS:

Sonicwall:
https://www.sonicwall.com/en-us/support/knowledge-base/170505597962739
Symantec:
https://support.symantec.com/en_US/article.TECH241937.html
Websense:
https://www.websense.com/content/support/library/web/hosted/admin_guide/wd_categories.aspx


(Thomas Quinlan) #4

You can block countries within Zscaler under “Advanced Threat Protection | Blocked Countries”. Little known is that fancy domains like “.TV” and “.IO” correspond to countries and/or territories; for the former, it is Tuvalu; for the latter, British Indian Ocean Territory. You can choose these countries to block these domains. This won’t work for domains that aren’t country specific (.aero, .museum, etc.) but this functionality is in the ER already documented by @skottieb.