You may want to allow users to browse the internet during lunch breaks or after hours, but restrict them to permitted sites during work hours.

Because WinGate uses the most permissive policy you would create your restrictions, then add a more permissive policy to allow access. When the permissive policy does not apply, ie outside the allowed hours, the more restrictive policy is the only policy available, and is applied.

WinGate's policies make this quite straightforward:

Open the WWW proxy service

Create a policy to restrict access to specific sites only. This will be the policy that applies during work hours and these will be the only sites that are available. Alternatively, create a policy restricting access to certain sites, users will then be able to browse to everything except the sites you specify.

For example, create a policy to allow access to wingate.com. This is now the only site that is available.



Create a second policy which is a time policy for the time that you don't want to restrict user access. This can be for the lunch hour, or after hours depending on your requirements.

For example, create a time policy for the period 12:00pm to 1:00pm with no other restrictions. During this period browsing will not be restricted.



You should end up with your WWW proxy service policies looking like this:



Please note that your clients must be connecting through the proxy, or you must have Transparent Proxy enabled to intercept their traffic to apply this policy. For more information on Transparent Proxy please see this article