user can access to any website using ultrasurf application
How to block this application using McAfee web gateway ??
NOTE: I'm using web gateway version 184.108.40.206.0
Message was edited by: rmjkmd on 6/28/14 4:53:33 AM CDTMessage was edited by: rmjkmd on 6/28/14 7:02:28 AM CDT
Hi I guess there are two levels to solve:
Ultrasurf detection is included in standard Application control - Anonymisers/Proxies category. We use it on MWG 220.127.116.11. Rule is simple.
I cannot seem to get this to work. I am using version 18.104.22.168, and I have made this exact rule. However when I run the ultrasurf application it stops at the ssl scanner at "Content inspection".
There is never any application checking or blocking happening.
Ultrasurf can be blocked by web gateway without SSL scanning, but the web gateway cannot do it alone. Ultrasurf cannot be blocked by web gateway if the client is allowed to access the Internet directly on any port. It’s as simple as that. You cannot reasonably expect a web gateway to block or filter traffic that it doesn’t “see". Web Gateway needs to be used in combination with Network or host based firewall rules or MCP. Like a host based firewall, MCP has the ability to block access to non-standard ports by process.
Browsec can be similarly blocked. I should also note that some of these extensions and utilities may use UDP 443 / QUIC which would also mean you would need assistance from host or network firewall or MCP (2.5 for UDP blocking).