Everyone knows that not every browser is the right one for all websites. Problem is, users end up using the WRONG website most of the time. With PP Browser Router, you create policies (or ROUTES) where specific websites are launched only into the specific browsers, then deploy those policies using the MDM service of your choice. It couldn’t be easier. Check it out!
PolicyPak MDM: Map the Right Website to the Right Browser
Hi, this is Whitney with PolicyPak Software. In this video, we’re going to learn how to use PolicyPak Browser Router component to route the right website to the right browser and block some websites from being able to function at all. Then once we do that, we’re going to export those directives, wrap them up in an MSI, and deploy them using an MDM service.
In this video, I’ll be using AirWatch, but you can use whichever one you have, such as Intune or MobileIron. It will work with any of them.
To start off with, let’s note that my computer here is not domain joined. This is my endpoint here. I could be domain joined, but it’s not required for this particular component. So here we are, not domain joined.
I am “Connected to AirWatchMDM” service. Once again, you can use whichever one you have. I’m just using AirWatch for this video.
Finally, I want to point out that I do have the “PolicyPak Client-Side Extension” and the “PolicyPak MDM Licenses for PolicyPak” all deployed already through that MDM service. Those are the two moving parts you’re going to need in order for any of your directives to work.
Here’s the scenario. If I’m in, say, Chrome and I want to go to “mozilla.org,” then I’m going to stay right there in Chrome, just as you would imagine. There’s no reason for it to route to any other browser. We didn’t set that up.
What we’re going to do is we’re going to imagine that sites such as mozilla.org look best in Firefox and sites like microsoft.com look best in Internet Explorer, for example. So we’re going to basically route it so that whatever browser I’m in, if I go to mozilla.org, I’m always going to open that Mozilla link in Firefox.
We’re going to do some simple routes like that, and we’re going to see how that works. Because what if you have a particular web app that just looks best, works best in, say, Internet Explorer but most of your users are using Chrome? How are you going to get around that? Well, we’re going to create these routes.
We’re going to do that and, like I said, we’ll also look at blocking some websites such as, oh, I don’t know, Facebook, for example. So we’re going to close this down and we’re going to go ahead and create those directives and get those routes set up.
I’ll come over here. I’m going to open up my GPMC. I’m going to create a “New GPO.” It can be just in the “Group Policy Objects” node here. It doesn’t have to be linked to any particular OU because we’re just going to export the directives as an XML and deal with them later.
I’m just going to do “PPBR Demo.” I’m going to right click on there, and I’m going to “Edit” this bad boy. We can do this on the computer side or the user side. I’m going to choose the computer side. I’m going to click on this and I’m going to go to “Browser Router.”
I’m going to start by creating a new collection. Browser Router in particular requires that you start a collection before you create policies, and that’s also helpful for when we’re doing our export so that way we can export a single collection rather than a series of policies.
So I’m going to “ADD NEW COLLECTION,” and I’ll just leave it at “Collection 1.” I’m going to go inside, and I’m going to start creating some routes so that the right website opens in the right browser. We’ll “ADD NEW POLICY,” and we’ll start with the one I started off with. We’ll say “All mozilla to FF.”
I want this to be a “Wildcard” situation because I want to cast a wide net. If the word mozilla appears in the URL at all, I want it opening in Firefox. So let’s get that in there: “*mozilla*.” We’re going to select “Firefox.” I want everything mozilla to go to Firefox, so I’ll tell that “OK.”
So we’ll go through. I want “All Google to chrome.” I’ll do another “Wildcard” and we’ll do “*google*.” There we are. I’ll select “Google Chrome.”
Let’s say we want Microsoft to Internet Explorer. Actually, we’ll do “Some MS to IE”. We’ll give that a specific “URL”: “https://www.microsoft.com.” There we go. “Internet Explorer” is already previously selected. We’ll tell that “OK.”
Let’s send Bing to Edge. We’ll “ADD NEW POLICY”: “Bing to Edge.” We’ll go “Wildcard” with this one too: “*bing*.” We’ll choose “Edge,” and there we go.
So now even if I’m in Chrome, websites will now open Mozilla in Firefox and vice versa. It will all route to where it’s supposed to route. So we’ve created our routes.
Now finally, let’s go and create a block policy (“ADD NEW POLICY”). So let’s block Facebook (“no FB”). I’m going to give it a “Wildcard” because, again, I’m casting that wide net. I don’t want anybody trying to work around my settings because I put a specific URL in, so I’m going to go “Wildcard”: “*facebook*.” And I’m going to choose “Block” right here. There’s a “Block Text” that you can use, and I’m going to say, “Browse FB at home!” Click “OK.”
So we’ve put Mozilla to Firefox, Google to Chrome, Microsoft to Internet Explorer, Bing to Edge, and we’ve blocked Facebook entirely. Great. We have these directives. Now what are we going to do with them?
We’re going to start by exporting “Collection 1” as an XML (“Export Collection as XML”). I’m just going to throw it right on the “Desktop.” I’m going to call it “PPBR Settings.” “Save” that. That should pop up right there. There we go.
All right, we’re getting there. We’ve got the XML created, and now we just need to wrap that XML up in an MSI that can then be deployed using an MDM service. In order to do that, we’re going to use the PolicyPak Exporter Tool, which installs alongside the admin console MSI when you install that on your management station.
It will probably be in “Recently added.” If not, scroll down to the “PolicyPak” folder here and choose the “PolicyPak Exporter Tool.” This actually does a few different things, but right now what we want to do is “Create a new MSI installer.” I’ll click “Next.”
I’m going to add existing XML data, so let’s “Add Existing Files,” that one we just created. We’re going to “Install For” the “Computer” and we’re going to “Target” “All Users.” We’ll click “Next.” We can give it a “Product Name.” I’m just going to call it “PPBR Settings.” This is what shows up in “Uninstall or change a program” in your Control Panel. We’ll click “Next” and “Next.”
It wants to know where we want to save it. Again, I’ll just throw it right on the “Desktop”: “PPBR Settings.” We’ll “Finish” right up. There we go. It popped up right there.
Now what I need to do is go to my AirWatch console. Again, this is my particular console, but you can do Intune, MobileIron, whatever you have. Let’s “Log In” here. All right, I would go to “APPS & BOOKS.” You can see I already have that “PolicyPak Client-Side Extension” and “PolicyPak MDM Licenses for *@policypak.com” deployed. Those, again, are the two pieces that you have to have on your machines for your directives to work.
Now when I go to “ADD APPLICATION” it’s actually going to take several minutes to get it all uploaded and then deployed and installed on my endpoint. So I’m going to pause the video right now while we get that deployed. Then once it’s all there and ready, we’ll come back and I’ll show you the results of what we just did.
All right, and we’re back. We’re going to look. You see we have the “PPBR Settings” installed on the machine now that we just deployed. Let’s go ahead and check it out.
Let’s start off here with “Firefox.” Let’s start with trying to go to “facebook.com” and see what happens. Nope. “Browse FB at home!” Just like we said.
Now let’s go to “google.com.” We said that Google was going to open in Chrome. There we go. We closed down the wrong browser and opened it up in the right browser.
Now note that it did close Firefox down altogether. It only does that when there’s only one single tab open. If there were multiple tabs, it would close just the tab, not the whole application. That’s important to know.
Here let’s go. We said Google we open up in Chrome. We said “microsoft.com” is going to open up in Internet Explorer. Let’s see what happens here. There we go. We closed down the wrong browser. We’re opening up in the right browser. Here we are in Internet Explorer just like we meant to be.
Just to see, let’s see if we can get on “facebook.com” from here. Maybe we can fool the system. Nope, sure can’t. “Browse FB at home!”
Now let’s go to “bing.com.” We said that was going to take us to Edge, and here we are opening right up in Edge just like we said.
To complete the circle, let’s go to “mozilla.org” and watch it close us down here and open us up in Firefox just like we said.
That’s how you go about creating routes and blocking websites using the Browser Router component and then deploying that using an MDM solution. If this is of interest to you, let us know and we can get you started with a free trial right away.
Thanks for watching. Hope to see you in the next video.