cancel
Showing results for 
Search instead for 
Did you mean: 
hazwan
Level 7

Web Gateway 7.6.0 unable to block file upload to https website

Jump to solution

Hi All,

Have you all tried McAfee Web Gateway 7.6.0? I've encountered the issue when want to block upload for HTTPS website. I've tried with Dropbox and Hotmail, all the attachments pass through without being blocked by media type filtering. I have followed the McAfee KnowledgeBase - Web Gateway - How to block Web Mail attachment uploads and downloads by media... for arrangement rules but still unsuccessful to block the upload. Below are my screenshot :

My arrangement for rules followed the knowledge base.

For Media type Filtering - Blocked all categories except gov and finance

Inside the Rule set - Criteria Cycle.TopName equals "Request" and MediaType.EnsuredTypes = all extension I ticked except application/x-empty.

If you need more information I will provide and whoever know or happens to you do let me know if its a bug. Attached also the rule tracing during upload to dropbox.

Thank You.

Regards,

Hazwan

0 Kudos
1 Solution

Accepted Solutions
McAfee Employee

Re: Web Gateway 7.6.0 unable to block file upload to https website

Jump to solution

Hi Hazwan!

Based on the rule traces, you're not actually performing SSL scanning. So blocking anything on HTTPS isn't likely to work (if you're trying to look inside the tunnel -- which you are).

In the screenshot, you have the "SSL Scanner" ruleset on, but.... you or someone changed the rules which in effect neuter the SSL scanner.

There is a rule called "Set Client Context", the action in your rules is set to "Stop Ruleset". This needs to be Continue (this is what it is by default).

You or whoever may have done this for some reason or another, but it doesnt really matter because it disabled SSL Scanner.

Best Regards,

Jon

4 Replies
McAfee Employee

Re: Web Gateway 7.6.0 unable to block file upload to https website

Jump to solution

Hi Hazwan!

Based on the rule traces, you're not actually performing SSL scanning. So blocking anything on HTTPS isn't likely to work (if you're trying to look inside the tunnel -- which you are).

In the screenshot, you have the "SSL Scanner" ruleset on, but.... you or someone changed the rules which in effect neuter the SSL scanner.

There is a rule called "Set Client Context", the action in your rules is set to "Stop Ruleset". This needs to be Continue (this is what it is by default).

You or whoever may have done this for some reason or another, but it doesnt really matter because it disabled SSL Scanner.

Best Regards,

Jon

hazwan
Level 7

Re: Web Gateway 7.6.0 unable to block file upload to https website

Jump to solution

Hi Jon,

Thanks for your help. It does the trick. Previously my colleague did the configuration and after he resign I continue what was done. Anyway, it seems web gateway can block almost all attachment on Dropbox but for webmail outlook, not even 1 mime type were success to block from being upload. Do you have any workaround for this?

Thank You.

Regards,

Hazwan

0 Kudos
McAfee Employee

Re: Web Gateway 7.6.0 unable to block file upload to https website

Jump to solution

When you ran a rule trace, what did it show you?

Regis
Level 12

Re: Web Gateway 7.6.0 unable to block file upload to https website

Jump to solution

If I had to guess, there are probably some upstream whitelisting of the outlook or microsoft servers that are taking precedence over the blocking rules. 

0 Kudos