Skip navigation
McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams
1489 Views 6 Replies Latest reply: Oct 31, 2012 2:10 PM by jsanchez RSS
jsanchez Newcomer 6 posts since
Sep 21, 2012
Currently Being Moderated

Oct 1, 2012 11:03 AM

Block Google Chat, MWG 7.2.0.2.0 (13603)

Good morning.  Is there a way to block Google Chat, but allow Google Mail?  I saw something about a XMPP proxy, but did not see much elaboration on it.  Thanks!

  • pbrickey McAfee Employee 79 posts since
    Oct 13, 2011
    Currently Being Moderated
    1. Oct 12, 2012 7:21 PM (in response to jsanchez)
    Re: Block Google Chat, MWG 7.2.0.2.0 (13603)

    Greetings,

     

    The xmpp proxy is if you want jabber (google talk) to go through the web gateway out to the internet and do logging/filtering. It is not necessary to simply block the protocol (you can do that at the firewall level).

     

    Are you trying to block gmail chat inside of gmail? If so, simply block the host chatenabled.mail.google.com

     

    Regards,

    Patrick

  • Regis Champion 457 posts since
    Oct 6, 2010
    Currently Being Moderated
    2. Oct 13, 2012 12:54 PM (in response to jsanchez)
    Re: Block Google Chat, MWG 7.2.0.2.0 (13603)

    While that will work specifically for gchat, it's a bit of a wack a mole approach that we administrators aren't all that fond of. :-)

     

    jsanchez, in the Category content filter rules you have,  block the Messaging category but allow the Web Mail category.

     

    If your experience mirrors mine, it'll do exactly what you want, across all the web mail solutions.   

     

    This presupposes of course you don't allow third party chat clients (such as trillium or pidgin) to get directly out to the internet and get around your proxy.  This involves having egress rules on your firewall that only allow your dns,  email and web proxy servers to go outbound.   That way you'll block any third party clients for chat as well as the built in chat in the mail.google.com site.

  • Regis Champion 457 posts since
    Oct 6, 2010
    Currently Being Moderated
    4. Oct 16, 2012 3:18 PM (in response to jsanchez)
    Re: Block Google Chat, MWG 7.2.0.2.0 (13603)

    I think you could've done it far more easily/cleanly by just blocking the category "Messaging."  Otherwise you're just playing chat wackamole.

  • btlyric Apprentice 184 posts since
    Aug 1, 2012
    Currently Being Moderated
    5. Oct 18, 2012 12:51 AM (in response to jsanchez)
    Re: Block Google Chat, MWG 7.2.0.2.0 (13603)

    Alternate/complementary solution -- configure DNS server used by MWG to be authoritative for chatenabled.mail.google.com, talk.google.com and talkx.l.google.com and return a non-existant IP address as the destination. Then configure MWG to block that IP address and category Instant Messaging. www.google.com/talk will get nailed by the Instant Messaging block and the rest of them will be blocked via DNS. If you don't want to block all Instant Messaging, block URL matches *www.google.com/talk*

More Like This

  • Retrieving data ...

Bookmarked By (0)

Legend

  • Correct Answers - 5 points
  • Helpful Answers - 3 points