To prevent unawareness Windows updates, we can use the Firewall with URL filter and DNS filter to block client's access to Windows update server. The idea is to use the firewall to block the domains which are related to the Windows update service. This note demonstrates the configuration required.
1. Go to Objects Setting >> Keyword Object, click on an empty index to create a keyword object.
2. Name the profile and enter
windowsupdate in Contents.
3. Repeat the step above to add keyword profiles to all the domains below:
4. Go to CSM >> URL Content Filter Profile, click on an empty profile index to create a new one.
5. Edit the profile as follows:
6. Go to CSM >> DNS Filter to add a profile as follows:
7. Go to Firewall >> Filter Setup >> Filter Set 2, click on an empty index number.
8. Edit the profile as follows:
With the configuration above, the LAN clients will be blocked from the Windows update service.
1. Go to Objects Setting >> Keyword / DNS Object page >> DNS Object to create a object.
2. Enter the profile name, and add all the domains below into Member Table.
3. Go to Firewall >> Filter Setup page, add a Filter Group in IP Filter tab.
4. In the new filter group, click Add to create a new rule.
5. Edit the filter rule as follows:
With the configuration above, the LAN clients will be blocked from Windows update service.