Meraki Community

ErnstTFD

How to best block the use of LinkedIn with a group policy? Is there a layer 7 rule? If so in what category is it? If not any suggestions? Thanks.

thaack

LinkedIn is included in the "Professional Networking" Category.

You could append a group policy to include this category in "blocked categories" or add the LinkedIn domain to the block list URL patterns.

View solution in original post

thaack

LinkedIn is included in the "Professional Networking" Category.

You could append a group policy to include this category in "blocked categories" or add the LinkedIn domain to the block list URL patterns.

alemabrahao

This will block any website that falls into this category, not just Linkedin.

The best way is to block the URL if the objective is to block Linkedin only.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.

DarrenOC

Whilst this may block the URL will it block the LinkedIn app?

Darren OConnor | doconnor@resalire.co.uk
https://www.linkedin.com/in/darrenoconnor/

I'm not an employee of Cisco/Meraki. My posts are based on Meraki best practice and what has worked for me in the field.

alemabrahao

Probably not @DarrenOC

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.

jimmyt234

Could try Layer 7 rule blocking HTTP hostname of linkedin.com as well?

ErnstTFD

I in fact did this. Blocked professional networking and added the *linkedin.com rule. Works well.

thaack

Not tested of course, but I'd imagine the LinkedIn app would cease to function so long as you were connected to the organization's network either via category or a URL block. My assumption based on my limited knowledge of app development would be that the app needs to communicate with LinkedIn.com domain to function.

If you wanted to truly block the app from even install you would have to be managing the device in SM (or other MDM)

Also, Alemabraho is correct, blocking by category may have unintended consequences of blocking sites included in that category that you DONT want to block. My assumption with the goal of blocking LinkedIn was that other professional networking sites would want to be blocked as well. If you strictly want to block one site, URL blocking is the way to go.

However, with URL blocking, you only block that specific domain and in this example LinkedIn's CDN domain, licdn.com, would not be blocked. (But is included in the Professional Networking Category!)

alemabrahao

It depends, if you want to block it for everyone you can do it via the global configuration, if it is for a specific user or users you can do it via Group Policy.

There is no specific L7 for Linkedin so you can block it via content filtering using *linkedin.com

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.

PhilipDAth

I would just create a plain old ordinary firewall rule blocking access to linkedin.com

Meraki Community

Block Linkedin

Block Linkedin