Your company email is hosted on Google and use Gmail as email service. However, you need to block private Gmail access on your network and allow only the corporate Gmail accounts.
Implementing an HTTP Inspection policy in InterScan Web Security Virtual Appliance (IWSVA) can be used to address this scenario.
To block personal Gmail account:
-
Go to HTTP > HTTP Inspection > Filters.
-
Under the Inspection Filter section, in the Filter Name field, enter Check_GMAIL.
-
Tick the Advanced View radio button then copy and paste the following expression in the Patterns field:
google_act REQ {
HOST: .*\.google\.com
EVENT: {
OP: HEADER_REMOVE
HEADER: X-GoogApps-Allowed-Domains
}
EVENT: {
OP: HEADER_ADD
HEADER: X-GoogApps-Allowed-Domains
VALUE: your-allowed-domain1, your-allowed-domain2
}
}Replace "your-allowed--domain1" or "your-allowed-domain2" with your corporate domain(s). -
Navigate to HTTP Inspection > Policies, and make sure the Check_GMAIL filter is set to Allow Scan:
- Save and deploy the policies to the clients.
-
Verify that the personal Gmail is blocked by logging in to your private Gmail account. It should look like the following: