how to block https access to facebook and youtube, using the built in Smart filter of firewall enterprise 8.3.x
I have a bunch of remote offices, where the firewall enterprise is installed as the perimeter firewall. I wanted to block access to social networking and streaming sites, but only the http sites are getting blocked, while the https versions are just passing through the smart filter. I would appreciate if any one can help us here.
Re: how to block https access to facebook and youtube, using the built in Smart filter of firewall enterprise 8.3.x
To do this properly and efficiently you will probably need to use SSL interception so that these HTTPS requests can be decrypted and properly inspected by the Firewall.
Applying content filtering on HTTPS traffic can be tricky (and I have experience of this on a couple of other Firewall soltuions in addition to Firewall Enterprise) because the connection is encrypted. Detecting the site is the first issue. But even if the content filtering policy is able to correctly detect an HTTPS site based on the policy you are then faced with the second issue which it is the inability for the solution to deliver a block page to the end user. For normal HTTP sites, it is easy, but because HTTPS connections are encrypted the only thing the firewall can do is issue a normal deny action. This results in the user seeing a "This page cannot be displayed" type of message, rather than a SmartFilter block page and they then think the system is broken.
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.
Community Help Hub
New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.