cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted
rmjkmd
Level 7
Report Inappropriate Content
Message 1 of 6

Blocking ultrasurf using McAfee web gateway

Greetings

user can access to any website using ultrasurf application

..
PLZ
How to block this application using McAfee web gateway ??
NOTE: I'm using web gateway version 7.3.2.2.0

Best regards,

Khaled Dhoon

Message was edited by: rmjkmd on 6/28/14 4:53:33 AM CDT

Message was edited by: rmjkmd on 6/28/14 7:02:28 AM CDT
5 Replies

Re: Blocking ultrasurf using McAfee web gateway

Hi I guess there are two levels to solve:

  1. You need block direct access to internet on LAN FW - so only MWG proxy can serve pages + some exception for servers, No end user PCs.
  2. Use Application control to identify applications connecting to MWG.

Ultrasurf detection is included in standard Application control - Anonymisers/Proxies category. We use it on MWG 7.3.2.10. Rule is simple.2014-06-30 13_03_55-McAfee _ Web Gateway - proxy01 - 10.255.252.21.png

Re: Blocking ultrasurf using McAfee web gateway

I cannot seem to get this to work.  I am using version 7.4.2.7, and I have made this exact rule.  However when I run the ultrasurf application it stops at the ssl scanner at "Content inspection".

There is never any application checking or blocking happening.

Dan.

McAfee Employee jebeling
McAfee Employee
Report Inappropriate Content
Message 4 of 6

Re: Blocking ultrasurf using McAfee web gateway

Ultrasurf can be blocked by web gateway without SSL scanning, but the web gateway cannot do it alone. Ultrasurf cannot be blocked by web gateway if the client is allowed to access the Internet directly on any port. It’s as simple as that. You cannot reasonably expect a web gateway to block or filter traffic that it doesn’t “see". Web Gateway needs to be used in combination with Network or host based firewall rules or MCP. Like a host based firewall, MCP has the ability to block access to non-standard ports by process.

 

 

 

 

Re: Blocking ultrasurf using McAfee web gateway


I have to mention the BROWSEC extension which is in chrome browser and it is passing proxy too.

McAfee Employee jebeling
McAfee Employee
Report Inappropriate Content
Message 6 of 6

Re: Blocking ultrasurf using McAfee web gateway

Browsec can be similarly blocked. I should also note that some of these extensions and utilities may use UDP 443 / QUIC which would also mean you would need assistance from host or network firewall or MCP (2.5 for UDP blocking).

 

More McAfee Tools to Help You
  • Subscription Service Notification (SNS)
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • eSupport: Policy Orchestrator
  • Community Help Hub

      New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

    • Find Forum FAQs
    • Learn How to Earn Badges
    • Ask for Help
    Go to Community Help

    Join the Community

      Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

    • Get helpful solutions from McAfee experts.
    • Stay connected to product conversations that matter to you.
    • Participate in product groups led by McAfee employees.
    Join the Community
    Join the Community