2 Replies Latest reply on Oct 21, 2014 1:45 PM by virpi

    Can't block application control on SMC5.7

    chanatip

      I want to do application control on SMC5.7, such as blocking Paypal, Socialcam, Facebook chat and app, but I can't block Facebook chat and app.

      Here is the rule policy table that I set up, as shown in the figure below. Is this correct, yes or no?

       

      11.png

      Thanks in advance ^_^

        • 1. Re: Can't block application control on SMC5.7
          thyvarin

          Hi,

           

          There should be no need to add the HTTPS service on these rules, so I would suggest just using application elements in the Service cell. Note also the following from the documentation:

          Creating Access Rules for Application Detection

           

          Note –

          If Server Credentials or a Client Protection Certificate Authority have been uploaded to the engine, adding an Application that allows or requires the use of TLS to an Access rule may enable the decryption of the following TLS traffic: TLS traffic from Applications that cannot be identified based on cached Application information, TLS traffic that matches an Access rule that enables Deep Inspection if the Service cell contains an Application or a Service that does not include a Protocol Agent, and TLS traffic for which there is no TLS Match with the Deny Decrypting option that excludes the traffic from TLS Inspection.

           

          BR,

          Tero

          • 2. Re: Can't block application control on SMC5.7
            virpi

            Do I understand correctly that with the 15.6 rule you are able to block two applications, but the Facebook applications on the 15.5 rule fail? In that case the most likely reason is that the communication uses the SPDY protocol, which is an extension to HTTPS. NGFW 5.7 is not able to decrypt SPDY, and thus the detailed Facebook applications would not work. The generic Facebook application that is based on TLS match still works even with SPDY.

             

            You could test whether this is the cause by disabling SPDY in your browser.