Using Web Filtering & SSL/SSH inspection & Application Control at the same time
I'm struggling with enabling Web Filtering, SSL/SSH inspection, and Application Control simultaneously.
What I want to achieve through this is:
1. Block all the access except for some endpoints
(e.g. need to allow access to windowsUpdate, Office365(authentication), AntiVirusSoftware(Updates) )
to accomplish this,
I set, in URL filtering, * to be blocked(name: *, action:block) so that all the access be blocked
and above that set some URLs to be allowed(*.microsoftonline.com, *office365* for example)
Though it only works for HTTP, (HTTPS is not blocked)
I also enabled SSL/SSH certificate-inspection and set action to block.
Here I could allow access only to the URL examples.
2. Allowing some applications(also denying other applications)
it's so hard to check all the URLs needed to allow for every application we use in our company,
so I'm thinking of using Application Control to allow/deny specific application traffic.
But here's the problem.
My vision is, while Controlling access through Web Filtering & SSL/SSH inspection.
allow some application traffic listed as the signatures.
But it doesn't work; if I block every category of Application Control, and allow some signatures,
URLs whitelisted above don't work anymore.
Is it impossible to use Web(URL)Filtering, SSL/SSH inspection and Application Control at the same time?