;; CPL generated by Visual Policy Manager: [Wed Dec 13 09:38:07 ICT 2017]
;*************************************************************
; WARNING:
; THIS FILE IS AUTOMATICALLY GENERATED - DO NOT EDIT!
; ANY MANUAL CHANGES TO THIS FILE WILL BE LOST WHEN VPM
; POLICY IS REINSTALLED.
;*************************************************************
define category "o356"
  adhybridhealth.azure.com
  api.skype.com
  blob.core.windows.net
  blob.core.windows.net
  config.skype.com
  cqd.lync.com
  glbdns.microsoft.com
  infra.lync.com
  live.com
  lync.com
  microsoft.com
  microsoftonline.com
  microsoftonline-p.com
  microsoftonline-p.net
  msecnd.net
  msedge.net
  msocdn.com
  office.com
  office.net
  office365.com
  online.lync.com
  onmicrosoft.com
  pipe.aria.microsoft.com
  portal.cloudappsecurity.com
  protection.outlook.com
  queue.core.windows.net
  resources.lync.com
  servicebus.windows.net
  sfbassets.com
  skypeforbusiness.com
  table.core.windows.net
  urlp.sfbassets.com
  users.storage.live.com
  windows.net
  accesscontrol.windows.net
  account.activedirectory.windowsazure.com
  account.office.net
  adminwebservice.microsoftonline.com
  agent.office.net
  amp.azure.net
  analytics.localytics.com
  apc.delve.office.com
  api.localytics.com
  api.login.microsoftonline.com
  api.office.com
  appsforoffice.microsoft.com
  assets.onestore.ms
  aus.delve.office.com
  auth.gfx.ms
  browser.pipe.aria.microsoft.com
  c.microsoft.com
  c1.microsoft.com
  can.delve.office.com
  clientconfig.microsoftonline-p.net
  clientlog.portal.office.com
  compliance.outlook.com
  config.edge.skype.com
  connect.facebook.net
  Contentstorage.osi.office.net
  dc.services.visualstudio.com
  delve.office.com
  device.login.microsoftonline.com
  dgps.support.microsoft.com
  equivio.office.com
  eur.delve.office.com
  firstpartyapps.oaspapps.com
  gbr.delve.office.com
  graph.microsoft.com
  graph.windows.net
  groupsapi2-prod.outlookgroups.ms
  groupsapi3-prod.outlookgroups.ms
  groupsapi4-prod.outlookgroups.ms
  groupsapi-prod.outlookgroups.ms
  hip.microsoftonline-p.net
  hipservice.microsoftonline.com
  home.office.com
  ind.delve.office.com
  jpn.delve.office.com
  kor.delve.office.com
  lam.delve.office.com
  liverdcxstorage.blob.core.windowsazure.com
  login.microsoft.com
  login.microsoftonline.com
  login.microsoftonline-p.com
  login.windows.net
  logincert.microsoftonline.com
  loginex.microsoftonline.com
  login-us.microsoftonline.com
  manage.office.com
  management.azure.com
  mem.gfx.ms
  mscrl.microsoft.com
  nam.delve.office.com
  nexus.microsoftonline-p.com
  nexus.officeapps.live.com
  nexusrules.officeapps.live.com
  office365servicehealthcommunications.cloudapp.net
  office365zoom.cloudapp.net
  outlook.office365.com
  outlook.uservoice.com
  pipe.skype.com
  platform.linkedin.com
  policykeyservice.dc.ad.msft.net
  portal.microsoftonline.com
  portal.office.com
  prod.firstpartyapps.oaspapps.com.akadns.net
  prod.msocdn.com
  products.office.com
  protection.office.com
  provisioningapi.microsoftonline.com
  quicktips.skypeforbusiness.com
  res.delve.office.com
  rink.hockeyapp.net
  sdk.hockeyapp.net
  secure.aadcdn.microsoftonline-p.com
  securescore.office.com
  signup.microsoft.com
  skypegraph.skype.com
  skypemaprdsitus.trafficmanager.net
  stamp2.login.microsoftonline.com
  suite.office.net
  support.content.office.net
  support.office.com
  swx.cdn.skype.com
  technet.microsoft.com
  telemetry.remoteapp.windowsazure.com
  telemetryservice.firstpartyapps.oaspapps.com
  templates.office.com
  video.osi.office.net
  videocontent.osi.office.net
  videoplayercdn.osi.office.net
  vortex.data.microsoft.com
  wus-firstpartyapps.oaspapps.com
  remoteapp.windowsazure.com
  registration.msappproxy.net
  bkiconnect.onmicrosoft.com
  windowsupdate.com
  cloudapp.net
  bkiconnect.mail.protection.outlook.com
end category "o356"
define category "O365_set2"
  smtp.office365.com
  outlook.com
  protection.outlook.com
  office.com
  office356.com
end category "O365_set2"
define category "Request by User"
end category "Request by User"
define category "Whitelist"
  villagebakeandcake.com
  lmginsurance.co.th
  boonrawd.co.th
  eunite.com
  adobe.com
  dataroom.vpbs.com.vn
  sms2.911itwist.com
  thebusinessplus.com
  911itwist.com
  cdn.line-apps.com
  otepc.go.th
  www.kenprocctv.com
  accesscontrol.windows.net
  backup.windowsazure.com
  hypervrecoverymanager.windowsazure.com
  store.core.windows.net
  blob.core.windows.net
  www.msftncsi.com/ncsi.txt
  time.windows.com
  time.nist.gov
  jaid-project.com
  track.thailandpost.com
  kitsand.com
  wongkarnpat.com
  smartsme.tv
  thaimlmnews.com
  m12.cloudmqtt.com
  onmicrosoft.com
  cloudapp.net
  microsoftonline-p.com
  microsoftonline-p.net
  azurewebsites.net
  azureedge.net
  msedge.net
  msocdn.com
  msecnd.net
  msft.net
  aspnetcdn.com
  akamaihd.net
  cloudappsecurity.com
  outlookgroups.ms
  akadns.net
  oaspapps.com
  onestore.ms
  gfx.ms
  svc.ms
  sfx.ms
  datawarehouse.dbd.go.th
  depdis.com
  chatfuel.com
  searasports.com
  imd.co.th
end category "Whitelist"
;; Description:
define subnet "Agent Guest F8_172.18.123.15-17"
  172.18.123.15/32
  172.18.123.16/32
  172.18.123.17/32
end subnet "Agent Guest F8_172.18.123.15-17"
;; Description:
define subnet Exmail_172.16.1.59-61
  172.16.1.59/32
  172.16.1.60/32
  172.16.1.61/32
end subnet Exmail_172.16.1.59-61
;; Description:
define subnet VLAN101_172.16.5.51-52_101-102
  172.16.5.101/32
  172.16.5.102/32
  172.16.5.51/32
  172.16.5.52/32
end subnet VLAN101_172.16.5.51-52_101-102
;; Description:
define subnet BKIINTRA2012
  172.16.4.241/32
  172.16.4.239/32
  172.16.1.39/32
end subnet BKIINTRA2012
;; Description:
define condition "__CondList1Computer Access_No_Authen"
  client.address="Agent Guest F8_172.18.123.15-17"
  client.address=Exmail_172.16.1.59-61
  client.address=VLAN101_172.16.5.51-52_101-102
  client.address=172.16.1.239/32
  client.address=172.18.57.13/32
  client.address=172.16.1.32/32
  client.address=172.16.1.11/32
  client.address=172.16.1.78/32
  client.address=172.17.12.107/32
  client.address=172.16.1.19/32
  client.address=172.16.1.128/32
  client.address=172.16.1.163/32
  client.address=172.16.1.26/32
  client.address=172.16.1.27/32
  client.address=172.16.1.84/32
  client.address=172.16.1.85/32
  client.address=172.16.1.131/32
  client.address=172.16.1.132/32
  client.address=172.16.1.82/32
  client.address=172.16.1.148/32
  client.address=172.16.3.1/32
  client.address=172.16.3.3/32
  client.address=172.16.1.36/32
  client.address=172.16.1.213/32
  client.address=172.16.30.0/24
  client.address=172.16.21.114/32
  client.address=172.16.4.14/32
  client.address=172.16.4.13/32
  client.address=172.16.4.15/32
  client.address=172.16.4.172/32
  client.address=172.16.4.173/32
  client.address=172.22.4.0/24
  client.address=172.16.4.5/32
  client.address=BKIINTRA2012
  client.address=172.16.51.212/32
  client.address=172.21.9.1-172.21.9.200
  client.address=172.16.51.214/32
  client.address=172.16.3.201/32
  client.address=172.16.54.77/32
  client.address=10.16.1.71/32
  client.address=172.16.52.121/32
  client.address=172.16.12.38/32
  client.address=172.16.2.196/32
  client.address=10.16.1.88/32
  client.address=172.16.12.118/32
  client.address=172.16.12.119/32
  client.address=172.16.51.102/32
  client.address=172.16.51.103/32
end condition "__CondList1Computer Access_No_Authen"
define condition "Computer Access_No_Authen"
  condition="__CondList1Computer Access_No_Authen"
end condition "Computer Access_No_Authen"
define condition "gia Domain"
  url.domain="gia.net"
end condition "gia Domain"
define condition mzstatic.com
  url.host.suffix="mzstatic.com"
end condition mzstatic.com
define condition itunes
  url.host.substring="itunes"
end condition itunes
;; Description:
define condition __CondList1for_update_itunes
  condition=mzstatic.com
  condition=itunes
  url.domain="securemetrics.apple.com"
  url.domain="swscan.apple.com"
  url.domain="xp.apple.com"
end condition __CondList1for_update_itunes
define condition for_update_itunes
  condition=__CondList1for_update_itunes
end condition for_update_itunes
define condition bangkokinsurance.com
  url.domain="bangkokinsurance.com"
end condition bangkokinsurance.com
define condition bki.co.th
  url.domain="bki.co.th"
end condition bki.co.th
;; Description:
define condition "__CondList1Bangkokinsurance&BKI Domain"
  condition=bangkokinsurance.com
  condition=bki.co.th
end condition "__CondList1Bangkokinsurance&BKI Domain"
define condition "Bangkokinsurance&BKI Domain"
  condition="__CondList1Bangkokinsurance&BKI Domain"
end condition "Bangkokinsurance&BKI Domain"
define condition demo.rvp.co.th
  url.domain="demo.rvp.co.th"
end condition demo.rvp.co.th
define condition epolicy.rvp.co.th
  url.domain="epolicy.rvp.co.th"
end condition epolicy.rvp.co.th
define condition epolicy3.rvp.co.th
  url.domain="epolicy3.rvp.co.th"
end condition epolicy3.rvp.co.th
define condition rvp.co.th
  url.domain="rvp.co.th"
end condition rvp.co.th
define condition e-recovery.rvp.co.th
  url.domain="e-recovery.rvp.co.th"
end condition e-recovery.rvp.co.th
define condition rvpeservice.com
  url.domain="rvpeservice.com"
end condition rvpeservice.com
;; Description:
define condition "__CondList1E Policy"
  condition=demo.rvp.co.th
  condition=epolicy.rvp.co.th
  condition=epolicy3.rvp.co.th
  condition=rvp.co.th
  condition=e-recovery.rvp.co.th
  condition=rvpeservice.com
end condition "__CondList1E Policy"
define condition "E Policy"
  condition="__CondList1E Policy"
end condition "E Policy"
define condition webex
  url.domain="webex.com"
end condition webex
define condition WebsDR-Backup
  url.host.substring="203.155.60.187"
end condition WebsDR-Backup
define condition bkidev.com
  url.host.substring="bkidev.com"
end condition bkidev.com
define condition Asiainsurance.com.kh
  url.domain="asiainsurance.com.kh"
end condition Asiainsurance.com.kh
define condition bkilao.com
  url.domain="bkilao.com"
end condition bkilao.com
define condition "translate google"
  url.domain="translate.google.com"
end condition "translate google"
define condition Telematics
  url.domain="dynamic-logistics.co.th"
end condition Telematics
define condition eunite.com
  url.domain="eunite.com"
end condition eunite.com
define condition eunite.net
  url.domain="eunite.net"
end condition eunite.net
;; Description:
define subnet HR
  172.16.12.38/32
end subnet HR
define condition s3.amazonaws.com
  url.host.substring="*.s3.amazonaws.com "
end condition s3.amazonaws.com
;; Description:
define condition __CondList1HCM_URL
  condition=s3.amazonaws.com
end condition __CondList1HCM_URL
define condition HCM_URL
  condition=__CondList1HCM_URL
end condition HCM_URL
define condition "__CondList1digicert for O365"
  url.domain="crl4.digicert.com"
  url.address=72.21.91.29/32
  url.address=117.18.237.29/32
  url.address=93.184.220.29/32
  url.address=205.234.175.175/32
  url.domain="login.microsoftonline.com"
end condition "__CondList1digicert for O365"
define condition "digicert for O365"
  condition="__CondList1digicert for O365"
end condition "digicert for O365"
;; Description:
define subnet Server_O365
  172.16.52.121/32
  172.16.2.196/32
end subnet Server_O365
define condition O365
  url.category=("o356")
end condition O365
;; Description:
define subnet "Website Bangkokinsurance"
  10.16.1.71/32
  10.16.1.88/32
end subnet "Website Bangkokinsurance"
define condition Google.com
  url.host.substring="*.google.com"
end condition Google.com
define condition RequestURL_smartcomm2
  url.host.substring="smartcomm2.net"
end condition RequestURL_smartcomm2
define condition Request_eclaim_emcs_thai
  url.host.substring="emcsthai.com"
end condition Request_eclaim_emcs_thai
;; Description:
define condition __CondList1WebsiteBKI_Group
  condition=Google.com
  condition=RequestURL_smartcomm2
  condition=Request_eclaim_emcs_thai
end condition __CondList1WebsiteBKI_Group
define condition WebsiteBKI_Group
  condition=__CondList1WebsiteBKI_Group
end condition WebsiteBKI_Group
define condition nacsrv01
  url.host.substring="nacsrv01.bki.co.th"
end condition nacsrv01
define condition eclaim
  url.host.substring="eclaim.emcsthai.com"
end condition eclaim
define condition __GROUP29
  realm=IWA_Authentication group="BKI\Dept_Motor Claims Department Group"
end condition __GROUP29
define condition __GROUP40
  realm=IWA_Authentication group="BKI\Dept_Motor Claim Department Group"
end condition __GROUP40
define condition __USER405
  realm=IWA_Authentication user="BKI\1698"
end condition __USER405
define condition __USER406
  realm=IWA_Authentication user="BKI\1892"
end condition __USER406
define condition __USER407
  realm=IWA_Authentication user="BKI\1934"
end condition __USER407
define condition __USER408
  realm=IWA_Authentication user="BKI\2326"
end condition __USER408
define condition __USER409
  realm=IWA_Authentication user="BKI\2343"
end condition __USER409
define condition __USER410
  realm=IWA_Authentication user="BKI\2459"
end condition __USER410
define condition __USER411
  realm=IWA_Authentication user="BKI\2595"
end condition __USER411
;; Description:
define condition __CondList1CombinedSource_Claim
  condition=__GROUP29
  condition=__GROUP40
  condition=__USER405
  condition=__USER406
  condition=__USER407
  condition=__USER408
  condition=__USER409
  condition=__USER410
  condition=__USER411
end condition __CondList1CombinedSource_Claim
define condition CombinedSource_Claim
  condition=__CondList1CombinedSource_Claim
end condition CombinedSource_Claim
define condition Googleapis.com
  url.host.substring="googleapis.com"
end condition Googleapis.com
define condition RequestURL_m12.cloudmqtt.com
  url.host.substring="m12.cloudmqtt.com"
end condition RequestURL_m12.cloudmqtt.com
define condition RequestURL_Claimdi
  url.host.substring="claimdi.com"
end condition RequestURL_Claimdi
define condition RequestURL24
  url.host.substring="maps.google.com"
end condition RequestURL24
define condition RequestURL_console.sightcall.com
  url.host.substring="console.sightcall.com"
end condition RequestURL_console.sightcall.com
;; Description:
define condition __CondList1MapGoogle
  url.domain="http://maps.gstatic.com"
  condition=Googleapis.com
  condition=RequestURL_m12.cloudmqtt.com
  condition=RequestURL_Claimdi
  condition=RequestURL24
  condition=RequestURL_console.sightcall.com
end condition __CondList1MapGoogle
define condition MapGoogle
  condition=__CondList1MapGoogle
end condition MapGoogle
define condition __GROUP9
  realm=IWA_Authentication group="BKI\Motor Claims Division Group"
end condition __GROUP9
define condition __GROUP10
  realm=IWA_Authentication group="BKI\Treasure&Investment Group"
end condition __GROUP10
define condition __GROUP11
  realm=IWA_Authentication group="BKI\Branch Operations Group"
end condition __GROUP11
define condition __GROUP12
  realm=IWA_Authentication group="BKI\SSN User Group"
end condition __GROUP12
define condition __GROUP13
  realm=IWA_Authentication group="BKI\LSL User Group"
end condition __GROUP13
define condition __GROUP15
  realm=IWA_Authentication group="BKI\Internal Audit Group"
end condition __GROUP15
define condition __GROUP18
  realm=IWA_Authentication group="BKI\CBI User Group"
end condition __GROUP18
define condition __GROUP19
  realm=IWA_Authentication group="BKI\MDH User Group"
end condition __GROUP19
define condition __GROUP30
  realm=IWA_Authentication group="BKI\Dept_Investment Office Group"
end condition __GROUP30
define condition __GROUP31
  realm=IWA_Authentication group="BKI\T_Branch Operations Support Group"
end condition __GROUP31
define condition __GROUP32
  realm=IWA_Authentication group="BKI\Div_Metropolitan Region Group"
end condition __GROUP32
define condition __GROUP33
  realm=IWA_Authentication group="BKI\Div_Central Region Group"
end condition __GROUP33
define condition __GROUP34
  realm=IWA_Authentication group="BKI\Div_East Region Group"
end condition __GROUP34
define condition __GROUP35
  realm=IWA_Authentication group="BKI\Div_North East Region Group"
end condition __GROUP35
define condition __GROUP36
  realm=IWA_Authentication group="BKI\Div_North Region Group"
end condition __GROUP36
define condition __GROUP37
  realm=IWA_Authentication group="BKI\Div_South Region Group"
end condition __GROUP37
define condition __GROUP38
  realm=IWA_Authentication group="BKI\Dept_Internal Audit Office Group"
end condition __GROUP38
;; Description:
define condition __CondList1E-Claim
  condition=__GROUP9
  condition=__GROUP10
  condition=__GROUP11
  condition=__GROUP12
  condition=__GROUP13
  client.address=172.23.0.0/16
  condition=__GROUP15
  condition=__GROUP18
  condition=__GROUP19
  condition=__GROUP29
  condition=__GROUP30
  condition=__GROUP31
  condition=__GROUP32
  condition=__GROUP33
  condition=__GROUP34
  condition=__GROUP35
  condition=__GROUP36
  condition=__GROUP37
  condition=__GROUP38
end condition __CondList1E-Claim
define condition E-Claim
  condition=__CondList1E-Claim
end condition E-Claim
define condition emcsthai.com
  url.domain="emcsthai.com"
end condition emcsthai.com
define condition kenprocctv.com
  url.domain="kenprocctv.com"
end condition kenprocctv.com
define condition RequestURL_maps.googleapis.com
  url.host.substring="maps.googleapis.com"
end condition RequestURL_maps.googleapis.com
define condition "__CondList1E Claim Site"
  condition=emcsthai.com
  url.address=203.146.21.149/32
  url.address=203.149.61.75/32
  url.address=209.133.111.4/32
  url.address=216.104.212.81/32
  url.address=216.200.249.197/32
  url.address=58.137.58.133/32
  url.address=65.170.56.4/32
  condition=kenprocctv.com
  condition=RequestURL_maps.googleapis.com
  condition=RequestURL_m12.cloudmqtt.com
  url.address=203.150.82.18/32
  url.address=203.150.82.15/32
  url.address=172.217.24.234/32
end condition "__CondList1E Claim Site"
define condition "E Claim Site"
  condition="__CondList1E Claim Site"
end condition "E Claim Site"
define condition __USER38
  realm=IWA_Authentication user="BKI\2598"
end condition __USER38
define condition __USER28
  realm=IWA_Authentication user="BKI\0023"
end condition __USER28
define condition __USER22
  realm=IWA_Authentication user="BKI\0075"
end condition __USER22
define condition __USER26
  realm=IWA_Authentication user="BKI\3323"
end condition __USER26
define condition __GROUP21
  realm=IWA_Authentication group="BKI\EVP"
end condition __GROUP21
define condition __GROUP22
  realm=IWA_Authentication group="BKI\SEVP"
end condition __GROUP22
define condition __USER18
  realm=IWA_Authentication user="BKI\7887"
end condition __USER18
define condition __USER21
  realm=IWA_Authentication user="BKI\Monitor"
end condition __USER21
define condition __USER39
  realm=IWA_Authentication user="BKI\0C27"
end condition __USER39
;; Description:
define condition __CondList1Manament
  client.address=172.16.1.148/32
  client.address=172.16.1.229/32
  condition=__USER38
  condition=__USER28
  condition=__USER22
  condition=__USER26
  condition=__GROUP21
  condition=__GROUP22
  condition=__USER18
  client.address=172.16.4.5/32
  condition=__USER21
  client.address=172.21.2.223/32
  condition=__USER39
end condition __CondList1Manament
define condition Manament
  condition=__CondList1Manament
end condition Manament
define condition "__CondList1AccessDoor&RecordTimeBranch"
  url.address=172.16.8.0/24
  url.address=172.30.0.0/16
end condition "__CondList1AccessDoor&RecordTimeBranch"
define condition "AccessDoor&RecordTimeBranch"
  condition="__CondList1AccessDoor&RecordTimeBranch"
end condition "AccessDoor&RecordTimeBranch"
define condition __USER13
  realm=IWA_Authentication user="BKI\0120"
end condition __USER13
define condition __USER20
  realm=IWA_Authentication user="BKI\T355"
end condition __USER20
define condition __USER34
  realm=IWA_Authentication user="BKI\C0189"
end condition __USER34
define condition __USER40
  realm=IWA_Authentication user="BKI\ocstech1"
end condition __USER40
define condition __GROUP24
  realm=IWA_Authentication group="BKI\Internet Special Site Group"
end condition __GROUP24
define condition __USER61
  realm=IWA_Authentication user="BKI\ocstech2"
end condition __USER61
define condition __USER64
  realm=IWA_Authentication user="BKI\3914"
end condition __USER64
define condition __USER65
  realm=IWA_Authentication user="BKI\3867"
end condition __USER65
define condition __USER69
  realm=IWA_Authentication user="BKI\C0957"
end condition __USER69
define condition __USER70
  realm=IWA_Authentication user="BKI\C0680"
end condition __USER70
define condition __USER73
  realm=IWA_Authentication user="BKI\C1361"
end condition __USER73
define condition __USER74
  realm=IWA_Authentication user="BKI\c1036"
end condition __USER74
define condition __USER75
  realm=IWA_Authentication user="BKI\3517"
end condition __USER75
define condition __USER76
  realm=IWA_Authentication user="BKI\C0197"
end condition __USER76
define condition __USER77
  realm=IWA_Authentication user="BKI\C0809"
end condition __USER77
define condition __USER159
  realm=IWA_Authentication user="BKI\4139"
end condition __USER159
define condition __USER94
  realm=IWA_Authentication user="BKI\0464"
end condition __USER94
define condition __USER95
  realm=IWA_Authentication user="BKI\1088"
end condition __USER95
define condition __USER96
  realm=IWA_Authentication user="BKI\2655"
end condition __USER96
define condition __USER97
  realm=IWA_Authentication user="BKI\3341"
end condition __USER97
define condition __USER98
  realm=IWA_Authentication user="BKI\2819"
end condition __USER98
define condition __USER99
  realm=IWA_Authentication user="BKI\C0859"
end condition __USER99
define condition __USER100
  realm=IWA_Authentication user="BKI\C0860"
end condition __USER100
define condition __USER101
  realm=IWA_Authentication user="BKI\C0918"
end condition __USER101
define condition __USER369
  realm=IWA_Authentication user="BKI\3220"
end condition __USER369
define condition __USER105
  realm=IWA_Authentication user="BKI\4251"
end condition __USER105
define condition __USER106
  realm=IWA_Authentication user="BKI\1878"
end condition __USER106
define condition __USER286
  realm=IWA_Authentication user="BKI\3746"
end condition __USER286
define condition __USER107
  realm=IWA_Authentication user="BKI\C1457"
end condition __USER107
define condition __USER108
  realm=IWA_Authentication user="BKI\C1520"
end condition __USER108
define condition __USER109
  realm=IWA_Authentication user="BKI\C1536"
end condition __USER109
define condition __USER112
  realm=IWA_Authentication user="BKI\1954"
end condition __USER112
define condition __USER564
  realm=IWA_Authentication user="BKI\C1717"
end condition __USER564
define condition __USER565
  realm=IWA_Authentication user="BKI\C0110"
end condition __USER565
define condition __USER566
  realm=IWA_Authentication user="BKI\C0284"
end condition __USER566
define condition __USER567
  realm=IWA_Authentication user="BKI\C1262"
end condition __USER567
define condition __USER568
  realm=IWA_Authentication user="BKI\C1251"
end condition __USER568
define condition __USER569
  realm=IWA_Authentication user="BKI\C1359"
end condition __USER569
;; Description: Import IP address of special group from ISA
define condition "__CondList1Special Site Group"
  client.address=172.16.28.5/32
  client.address=172.18.22.51/32
  client.address=172.18.22.52/32
  client.address=172.18.22.53/32
  client.address=172.18.22.54/32
  client.address=172.18.22.55/32
  client.address=172.18.22.56/32
  client.address=172.18.22.57/32
  client.address=172.18.22.58/32
  client.address=172.18.35.52/32
  client.address=172.18.35.53/32
  client.address=172.18.35.54/32
  client.address=172.18.35.55/32
  client.address=172.18.35.56/32
  client.address=172.18.35.57/32
  client.address=172.18.37.7/32
  client.address=172.18.38.51/32
  client.address=172.18.38.52/32
  client.address=172.18.38.53/32
  client.address=172.18.38.54/32
  client.address=172.18.55.51/32
  client.address=172.18.57.51/32
  client.address=172.18.62.52/32
  client.address=172.18.62.53/32
  client.address=172.18.62.54/32
  client.address=172.18.62.55/32
  client.address=172.18.62.56/32
  client.address=172.18.62.57/32
  client.address=172.18.62.58/32
  client.address=172.19.1.10/32
  client.address=172.19.1.11/32
  client.address=172.19.1.12/32
  client.address=172.19.1.13/32
  client.address=172.19.1.14/32
  client.address=172.19.1.15/32
  client.address=172.19.1.16/32
  client.address=172.19.1.17/32
  client.address=172.19.1.18/32
  client.address=172.19.1.19/32
  client.address=172.19.1.4/32
  client.address=172.19.1.5/32
  client.address=172.19.1.51/32
  client.address=172.19.1.6/32
  client.address=172.19.1.7/32
  client.address=172.19.1.8/32
  client.address=172.19.1.9/32
  client.address=172.30.11.90/32
  client.address=172.30.12.90/32
  client.address=172.30.13.90/32
  client.address=172.30.14.90/32
  client.address=172.30.15.90/32
  client.address=172.30.16.90/32
  client.address=172.30.17.90/32
  client.address=172.30.18.90/32
  client.address=172.30.19.90/32
  client.address=172.30.20.90/32
  client.address=172.30.21.90/32
  client.address=172.30.22.90/32
  client.address=172.30.24.90/32
  client.address=172.30.29.90/32
  client.address=172.18.22.59/32
  client.address=172.18.22.60/32
  client.address=172.18.62.51/32
  condition=__USER13
  client.address=172.20.0.0/24
  client.address=172.20.1.0/24
  condition=__USER20
  condition=__USER34
  condition=__USER40
  condition=__GROUP24
  client.address=172.20.2.0/24
  condition=__USER61
  condition=__USER64
  condition=__USER65
  condition=__USER69
  condition=__USER70
  condition=__USER73
  condition=__USER74
  condition=__USER75
  condition=__USER76
  condition=__USER77
  condition=__USER159
  condition=__USER94
  condition=__USER95
  condition=__USER96
  condition=__USER97
  condition=__USER98
  condition=__USER99
  condition=__USER100
  condition=__USER101
  condition=__USER369
  condition=__USER105
  client.address=172.16.4.239/32
  client.address=172.16.4.241/32
  condition=__USER106
  condition=__USER286
  condition=__USER107
  condition=__USER108
  condition=__USER109
  condition=__USER112
  condition=__USER564
  condition=__USER565
  condition=__USER566
  condition=__USER567
  condition=__USER568
  condition=__USER569
end condition "__CondList1Special Site Group"
define condition "Special Site Group"
  condition="__CondList1Special Site Group"
end condition "Special Site Group"
define condition ap.siamcosmos.com
  url.domain="ap.siamcosmos.com"
end condition ap.siamcosmos.com
define condition www.asean-cmi.com
  url.domain="www.asean-cmi.com"
end condition www.asean-cmi.com
define condition www.dbd.go.th
  url.domain="www.dbd.go.th"
end condition www.dbd.go.th
define condition eolis.singapore.eulerhermes.com
  url.domain="eolis.eulerhermes.com"
end condition eolis.singapore.eulerhermes.com
define condition www.netsecurity.ne.jp
  url.host.substring="www.netsecurity.ne.jp"
end condition www.netsecurity.ne.jp
define condition phonebook.tot.co.th
  url.domain="phonebook.tot.co.th"
end condition phonebook.tot.co.th
define condition www.plusbos.com
  url.host.substring="www.plusbos.com"
end condition www.plusbos.com
define condition www.plusintranet
  url.host.substring="www.plusintranet"
end condition www.plusintranet
define condition rdserver.rd.go.th
  url.domain="rdserver.rd.go.th"
end condition rdserver.rd.go.th
define condition www.siriintranet.com
  url.domain="www.siriintranet.com"
end condition www.siriintranet.com
define condition smartcomm2.net
  url.host.substring="smartcomm2.net"
end condition smartcomm2.net
define condition thailandpost.co.th
  url.host.substring="thailandpost.co.th"
end condition thailandpost.co.th
define condition www.touch-bos.com
  url.domain="www.touch-bos.com"
end condition www.touch-bos.com
define condition track.thailandpost.co.th
  url.domain="track.thailandpost.co.th"
end condition track.thailandpost.co.th
define condition webmail.plus.co.th
  url.host.substring="webmail.plus.co.th"
end condition webmail.plus.co.th
define condition webmail.touch.co.th
  url.domain="webmail.touch.co.th"
end condition webmail.touch.co.th
define condition yellowpages.co.th
  url.host.substring="yellowpages.co.th"
end condition yellowpages.co.th
define condition www.bangkokbank.com
  url.domain="bangkokbank.com"
end condition www.bangkokbank.com
define condition www.rd.go.th
  url.domain="rd.go.th"
end condition www.rd.go.th
define condition bki-toms.driveprofiler.net
  url.domain="bki-toms.driveprofiler.net"
end condition bki-toms.driveprofiler.net
define condition oicws.oic.or.th
  url.domain="oicws.oic.or.th"
end condition oicws.oic.or.th
;; Description:
define condition "__CondList1Special Site"
  condition=ap.siamcosmos.com
  condition=www.asean-cmi.com
  condition=www.dbd.go.th
  condition=demo.rvp.co.th
  condition=eolis.singapore.eulerhermes.com
  condition=epolicy.rvp.co.th
  condition=www.netsecurity.ne.jp
  condition=phonebook.tot.co.th
  condition=www.plusbos.com
  condition=www.plusintranet
  condition=rdserver.rd.go.th
  condition=www.siriintranet.com
  condition=smartcomm2.net
  condition=thailandpost.co.th
  condition=www.touch-bos.com
  condition=track.thailandpost.co.th
  condition=webmail.plus.co.th
  condition=webmail.touch.co.th
  condition=yellowpages.co.th
  condition=www.bangkokbank.com
  condition=www.rd.go.th
  url.domain="cafm.ocs-group.com"
  condition=bki-toms.driveprofiler.net
  url.domain="gia.net\bkid"
  condition=oicws.oic.or.th
  url.domain="www.ktb.co.th"
  url.domain="www.kasikornbank.com"
  url.domain="www.scbbusinessnet.com4"
end condition "__CondList1Special Site"
define condition "Special Site"
  condition="__CondList1Special Site"
end condition "Special Site"
define condition __USER51
  realm=IWA_Authentication user="BKI\1045"
end condition __USER51
define condition rd.go.th
  url.domain="rd.go.th"
end condition rd.go.th
define condition one2car.com
  url.domain="one2car.com"
end condition one2car.com
define condition landprice
  url.host.substring="landprice"
end condition landprice
define condition www.labour.go.th
  url.domain="www.labour.go.th"
end condition www.labour.go.th
define condition www.rodyont.com
  url.domain="www.rodyont.com"
end condition www.rodyont.com
define condition www.sso.go.th
  url.domain="www.sso.go.th"
end condition www.sso.go.th
define condition www.taladrod.com
  url.host.exact="www.taladrod.com"
end condition www.taladrod.com
define condition www.thaicar.com
  url.domain="www.thaicar.com"
end condition www.thaicar.com
define condition www.thaihotelsdirectory.com
  url.domain="www.thaihotelsdirectory.com"
end condition www.thaihotelsdirectory.com
define condition www.treasury.go.th
  url.domain="www.treasury.go.th"
end condition www.treasury.go.th
define condition www.wm.co.th
  url.domain="www.wm.co.th"
end condition www.wm.co.th
define condition www.world-braches.com
  url.domain="www.world-braches.com"
end condition www.world-braches.com
;; Description:
define condition __CondList1SpecialSte_HR
  condition=rd.go.th
  condition=one2car.com
  condition=landprice
  condition=www.labour.go.th
  condition=www.rodyont.com
  condition=www.sso.go.th
  condition=www.taladrod.com
  condition=www.thaicar.com
  condition=www.thaihotelsdirectory.com
  condition=www.treasury.go.th
  condition=www.wm.co.th
  condition=www.world-braches.com
end condition __CondList1SpecialSte_HR
define condition SpecialSte_HR
  condition=__CondList1SpecialSte_HR
end condition SpecialSte_HR
define condition __GROUP45
  realm=IWA_Authentication group="BKI\VIP_Int"
end condition __GROUP45
;; Description:
define condition __CondList1VIP_Int
  condition=__GROUP45
end condition __CondList1VIP_Int
define condition VIP_Int
  condition=__CondList1VIP_Int
end condition VIP_Int
define condition WebApplication_Streaming
  url.application.name="Amazon Instant Video"
  url.application.name="Blip TV"
  url.application.name="Blockbuster"
  url.application.name="Break"
  url.application.name="CBS"
  url.application.name="Dailymotion"
  url.application.name="Facebook"
  url.application.name="Facebook Plugins"
  url.application.name="Hulu"
  url.application.name="Justintv"
  url.application.name="LiveLeak"
  url.application.name="Megavideo"
  url.application.name="Metacafe"
  url.application.name="Netflix"
  url.application.name="Niconico"
  url.application.name="Stupid Videos"
  url.application.name="Telly"
  url.application.name="Tudou"
  url.application.name="Twitch TV"
  url.application.name="Ustream"
  url.application.name="Veoh"
  url.application.name="Vimeo"
  url.application.name="YouTube"
  url.application.name="Youku"
  url.application.name="eBaums World"
end condition WebApplication_Streaming
define condition Category_Streaming
  url.category=("Audio/Video Clips","Radio/Audio Streams","TV/Video Streams")
end condition Category_Streaming
;; Description:
define condition __CondList1Streaming
  condition=WebApplication_Streaming
  condition=Category_Streaming
end condition __CondList1Streaming
define condition Streaming
  condition=__CondList1Streaming
end condition Streaming
define condition __USER71
    realm=IWA_Authentication user="BKI\int1"
end condition __USER71

define condition __USER89
    realm=IWA_Authentication user="BKI\2782"
end condition __USER89

define condition __USER32
    realm=IWA_Authentication user="BKI\webex"
end condition __USER32

define condition __USER37
    realm=IWA_Authentication user="BKI\sms"
end condition __USER37

define condition __USER45
    realm=IWA_Authentication user="BKI\crmblue"
end condition __USER45

define condition __USER46
    realm=IWA_Authentication user="BKI\Ernst"
end condition __USER46

define condition __USER63
    realm=IWA_Authentication user="BKI\3929"
end condition __USER63

define condition __USER1
    realm=IWA_Authentication user="BKI\2698"
end condition __USER1

define condition __USER81
    realm=IWA_Authentication user="BKI\webmail"
end condition __USER81

define condition __USER80
    realm=IWA_Authentication user="BKI\3117"
end condition __USER80

define condition __USER235
    realm=IWA_Authentication user="BKI\vendor-laddawan"
end condition __USER235

define condition __USER102
    realm=IWA_Authentication user="BKI\exadmin"
end condition __USER102

define condition __USER103
    realm=IWA_Authentication user="BKI\bkiline"
end condition __USER103

;; Description:
define condition __CondList1Application_Internet
    condition=__USER71
    condition=__USER89
    condition=__USER21
    condition=__USER32
    condition=__USER37
    condition=__USER45
    condition=__USER46
    condition=__USER63
    client.address=172.16.4.240
    condition=__USER1
    condition=__USER81
    condition=__USER80
    condition=__USER235
    condition=__USER102
    condition=__USER103
end condition __CondList1Application_Internet

define condition Application_Internet
    condition=__CondList1Application_Internet
end condition Application_Internet

define condition Custom-Block-Categories
    url.category=("Adult/Mature Content","Alcohol","Chat (IM)/SMS","Controlled Substances","Gambling","Games","Hacking","Malicious Sources/Malnets","Nudity","Peer-to-Peer (P2P)","Personals/Dating","Phishing","Pornography","Proxy Avoidance","Scam/Questionable/Illegal","Sex Education","Spam","Suspicious")
end condition Custom-Block-Categories

define condition __GROUP3
    realm=IWA_Authentication group="BKI\Internet Group"
end condition __GROUP3

;; Description:
define condition "__CondList1Internet Group"
    condition=__GROUP3
    client.address=Server_O365
end condition "__CondList1Internet Group"

define condition "Internet Group"
    condition="__CondList1Internet Group"
end condition "Internet Group"

define condition Whitelist
    url.category=("Whitelist")
end condition Whitelist

define condition FileExtension
    url.extension=GTAR
    url.extension=GZ
    url.extension=MP4
    url.extension=MPEG
    url.extension=RAR
    url.extension=TGZ
    url.extension=ZIP
end condition FileExtension

define condition WebApplication_Download
    url.application.name="Amazon Cloud Drive"
    url.application.name="Dailymotion"
    url.application.name="Dropbox"
    url.application.name="Mega"
    url.application.name="Naver Ndrive"
    url.application.name="OpenDrive"
    url.application.name="Webde SmartDrive"
    url.application.name="Windows Live SkyDrive"
end condition WebApplication_Download

define condition Category_Download
    url.category=("File Storage/Sharing","Peer-to-Peer (P2P)")
end condition Category_Download

;; Description:
define condition __CondList1FileDownload
    condition=FileExtension
    condition=WebApplication_Download
    condition=Category_Download
end condition __CondList1FileDownload

define condition FileDownload
    condition=__CondList1FileDownload
end condition FileDownload

define condition __USER79
    realm=IWA_Authentication user="BKI\2485"
end condition __USER79

define condition __USER78
    realm=IWA_Authentication user="BKI\3207"
end condition __USER78

;; Description:
define condition "__CondList1Admin CO"
    condition=__USER79
    condition=__USER78
end condition "__CondList1Admin CO"

define condition "Admin CO"
    condition="__CondList1Admin CO"
end condition "Admin CO"

define condition "Facebook for CO"
    url.application.name="Facebook"
    url.application.name="Facebook Plugins"
end condition "Facebook for CO"

define condition __GROUP1
    realm=IWA_Authentication group="BKI\Information Technology Group"
end condition __GROUP1

define condition __USER41
    realm=IWA_Authentication user="BKI\1463"
end condition __USER41

define condition __USER42
    realm=IWA_Authentication user="BKI\2615"
end condition __USER42

define condition __USER43
    realm=IWA_Authentication user="BKI\3124"
end condition __USER43

define condition __USER24
    realm=IWA_Authentication user="BKI\3184"
end condition __USER24

define condition __USER25
    realm=IWA_Authentication user="BKI\3462"
end condition __USER25

define condition __USER66
    realm=IWA_Authentication user="BKI\BPM03"
end condition __USER66

define condition __USER68
    realm=IWA_Authentication user="BKI\BPM04"
end condition __USER68

define condition __GROUP28
    realm=IWA_Authentication group="BKI\Group Stream for Chat"
end condition __GROUP28

;; Description:
define condition __CondList1Allow_G-Talk_Group
    condition=__GROUP1
    condition=__USER41
    condition=__USER42
    condition=__USER43
    condition=__USER24
    condition=__USER25
    condition=__USER66
    condition=__USER68
    client.address=172.16.31.127/32
    condition=__GROUP28
end condition __CondList1Allow_G-Talk_Group

define condition Allow_G-Talk_Group
    condition=__CondList1Allow_G-Talk_Group
end condition Allow_G-Talk_Group

define condition GoogleTalk
    url.host.substring="talk.google.com"
end condition GoogleTalk

define condition __GROUP305
    realm=IWA_Authentication group="BKI\All Users"
end condition __GROUP305

define condition HTTPICAP
    http.method=(PUT,POST)
end condition HTTPICAP

define condition mail.bangkokinsurance.com
    server_url.host.substring="mail.bangkokinsurance.com" server_url.port=443
end condition mail.bangkokinsurance.com

define condition autodiscover.bangkokinsurance.com
    server_url.host.substring="autodiscover.bangkokinsurance.com" server_url.port=443
end condition autodiscover.bangkokinsurance.com

;; Description:
define condition __CondList1mail.bangkokinsurance
    condition=mail.bangkokinsurance.com
    condition=autodiscover.bangkokinsurance.com
end condition __CondList1mail.bangkokinsurance

define condition mail.bangkokinsurance
    condition=__CondList1mail.bangkokinsurance
end condition mail.bangkokinsurance

define condition fs.bangkokinsurance.com
    server_url.host.substring="fs.bangkokinsurance.com"
end condition fs.bangkokinsurance.com

define condition __HostPort2_FORWARD_
    server_url.host.exact="controller.bangkokinsurance.com" server_url.port=443
end condition __HostPort2_FORWARD_

define condition __HostPort3_FORWARD_
    server_url.host.exact="controller1.bangkokinsurance.com" server_url.port=443
end condition __HostPort3_FORWARD_

define condition __HostPort4_FORWARD_
    server_url.host.exact="controller2.bangkokinsurance.com" server_url.port=443
end condition __HostPort4_FORWARD_

define condition __CondList1Controller_FORWARD_
    condition=__HostPort2_FORWARD_
    condition=__HostPort3_FORWARD_
    condition=__HostPort4_FORWARD_
end condition __CondList1Controller_FORWARD_

define condition Controller_FORWARD_
    condition=__CondList1Controller_FORWARD_
end condition Controller_FORWARD_

define condition bangkokinsurance
    server_url.domain="bangkokinsurance.com"
end condition bangkokinsurance

;; Description:
define condition "__CondList1website company"
    condition=bangkokinsurance
    server_url.domain="www.bangkokinsurance.com"
end condition "__CondList1website company"

define condition "website company"
    condition="__CondList1website company"
end condition "website company"

define condition gia.net
    server_url.domain="gia.net"
end condition gia.net

define condition asiainsurance.com
    server_url.domain="asiainsurance.com.kh"
end condition asiainsurance.com

define condition bkilao
    server_url.domain="bkilao.com"
end condition bkilao

define condition __USER110
    realm=IWA_Authentication user="BKI\4060"
end condition __USER110

define condition __USER437
    realm=IWA_Authentication user="BKI\4342"
end condition __USER437

;; Tab: [Web Authentication Layer]
condition="Computer Access_No_Authen" authenticate(no) ; Rule 2 ; IP computer not authen
condition="Computer Access_No_Authen" authenticate(no) ; Rule 3
condition="gia Domain" authenticate(IWA_Authentication) authenticate.force(no) authenticate.mode(proxy-ip) ; Rule 4 ; Web GIA
condition=for_update_itunes authenticate(no) ; Rule 6
authenticate(IWA_Authentication) authenticate.force(no) authenticate.mode(auto) ; Rule 7 ; User Authen

;; Tab: [Web Access Layer]
condition="Bangkokinsurance&BKI Domain" bypass_cache(yes) ; Rule 2 ; bki.co.th, bangkokinsurance.com
condition="gia Domain" bypass_cache(yes) ; Rule 3 ; gia.net
condition="E Policy" Allow ; Rule 4 ; epolicy.rvp.co.th,demo.rvp.co.th
condition=webex Allow ; Rule 5 ; webex for meeting
condition=WebsDR-Backup Allow ; Rule 6 ; Web Partner Backup
condition=bkidev.com Allow ; Rule 7 ; WWW Develop
condition=Asiainsurance.com.kh bypass_cache(yes) ; Rule 10 ; www.asiainsurance.com.kh
condition=bkilao.com bypass_cache(yes) ; Rule 11
condition="translate google" Allow ; Rule 13 ; Google translate for All user
condition=Telematics Allow ; Rule 14 ; Trace status send/receive hardware telematics
condition=for_update_itunes Allow ; Rule 15
condition=eunite.com Allow ; Rule 16
condition=eunite.net Allow ; Rule 17
client.address=HR condition=HCM_URL Allow ; Rule 18
condition="digicert for O365" Allow ; Rule 19 ; Alert Outlook Certificate
client.address=Server_O365 condition=!O365 Deny ; Rule 20
client.address="Website Bangkokinsurance" condition=WebsiteBKI_Group Allow ; Rule 22
client.address=172.18.200.0/24 condition=nacsrv01 bypass_cache(yes) ; Rule 23
client.address=172.18.200.0/24 action.ReturnRedirect_nacsrv01(yes) ; Rule 24
client.address=BKIINTRA2012 url.domain="http://maps.googleapis.com/maps/api/geocode/xml?" Allow ; Rule 25
client.address=172.16.31.3/32 condition=Google.com Allow ; Rule 26
client.address=172.16.54.77/32 condition=eclaim Allow ; Rule 27 ; appora access eclaim
condition=CombinedSource_Claim condition=MapGoogle Allow ; Rule 28 ; GoogleMap for Esurveyor
condition=E-Claim condition="E Claim Site" bypass_cache(yes) ; Rule 30 ; (13) Claim HQ - Revise source and add E-Claim url
condition=Manament Allow ; Rule 31 ; Group Management
client.address=172.18.57.0/24 condition="AccessDoor&RecordTimeBranch" Allow ; Rule 32 ; Access door+Record time branch (HR)
condition="Special Site Group" condition="Special Site" Allow ; Rule 33 ; (11) Special Site - Custome source and revise url in destination
condition=__USER51 condition=SpecialSte_HR Allow ; Rule 34 ; (10) Special Site HR - Chage source to name and Still don't add url
condition=VIP_Int condition=Streaming Allow limit_bandwidth.server.inbound(VP-streaming) ; Rule 37 ; managestreaming BW for VP
condition=Application_Internet condition=!Custom-Block-Categories Allow ; Rule 39
user.login.count=(3) user.login.log_out(yes) deny("You have double login. Please contact your administrator if this is your account.") ; Rule 40
condition="Internet Group" condition=Whitelist Allow ; Rule 41 ; Accept URL
condition="Internet Group" condition=Streaming Allow limit_bandwidth.server.inbound(Streaming) ; Rule 42 ; manage streaming BW for all user
condition=FileDownload Allow limit_bandwidth.server.inbound(FileDownload) ; Rule 43 ; manage download BW for all user
condition="Admin CO" condition="Facebook for CO" Allow ; Rule 44 ; For CO admin page facebook
condition=__GROUP3 condition=WebApplication_Streaming Allow limit_bandwidth.server.inbound(Streaming) ; Rule 45
condition=Allow_G-Talk_Group condition=GoogleTalk Allow ; Rule 46 ; (8) GoogleTalk
condition="Internet Group" condition=!Custom-Block-Categories Allow ; Rule 50 ; (17) User Internet
condition="Computer Access_No_Authen" condition=!Custom-Block-Categories Allow ; Rule 51
Deny ; Rule 52

;; Tab: [Web Access Layer DLP]
condition=__GROUP305 condition=HTTPICAP request.icap_service(websense_dlp,fail_open) request.icap_service.secure_connection(auto) ; Rule 3

;; Tab: [Forwarding Layer]
condition=mail.bangkokinsurance forward("mail.bangkokinsurance") forward.fail_open(no) ; Rule 1
server_url.regex="mdma.bangkokinsurance.com" forward("mdma.bangkokinsurance.com") forward.fail_open(yes) ; Rule 2
condition=fs.bangkokinsurance.com forward("fs.bangkokinsurance.com") forward.fail_open(yes) ; Rule 3
server_url.regex="clearpass.bangkokinsurance.com" forward("clearpass.bangkokinsurance.com") forward.fail_open(no) ; Rule 4
condition=Controller_FORWARD_ socks_gateway(no) forward(no) ; Rule 5
condition="website company" forward("bangkokinsurance.com") forward.fail_open(no) ; Rule 6
server_url.domain="datagate.gia.net" forward("datagate.gia.net") forward.fail_open(no) ; Rule 7
server_url.domain="realtime.gia.net" forward("realtime.gia.net") forward.fail_open(no) ; Rule 8
server_url.domain="testrealtime.gia.net" forward("testrealtime.gia.net") forward.fail_open(no) ; Rule 9
server_url.domain="prb.gia.net" forward("prb.gia.net") forward.fail_open(no) ; Rule 10
condition=gia.net forward("www.gia.net") forward.fail_open(no) ; Rule 11
server_url.domain="203.155.60.187" forward("Websdr-backup") forward.fail_open(no) ; Rule 12
server_url.domain="203.155.29.36" forward("testnewwebsite") forward.fail_open(no) ; Rule 13
server_url.domain="bkidev.com" forward("bkidev.com") forward.fail_open(no) ; Rule 15
condition=asiainsurance.com forward("asiainsurance.com") forward.fail_open(no) ; Rule 18
condition=bkilao forward("bkilao.com") forward.fail_open(no) ; Rule 19
server_url.domain="uc-exp-e-1.bki.co.th" forward("uc-exp-e-1.bki.co.th") forward.fail_open(no) ; Rule 20

;; Tab: [Reflect IP]

;; Tab: [Web Access Layer (1)]

;; Tab: [Web Access Layer_Arcsight]
access_log[BKI-Proxy1](yes) ; Rule 1

;; Tab: [Admin Authentication Layer (1)]
authenticate(IWA_Authentication) authenticate.force(no) ; Rule 1

;; Tab: [Admin Access Layer (1)]
condition=__USER1 allow admin.access=(read,write) ; Rule 1
condition=__USER63 allow admin.access=(read,write) ; Rule 2
condition=__USER110 allow admin.access=(read,write) ; Rule 3
condition=__USER437 allow admin.access=(read,write) ; Rule 4

;; Tab: [CPL Layer (1)]
response.raw_headers.tolerate(invalid_header)

define action ReturnRedirect_nacsrv01
    redirect(302, ".*", "https://nacsrv01.bki.co.th/status" );
end