Hot!Certain websites can pass web filter policy.

Author
Yahowmy
New Member
  • Total Posts : 5
  • Scores: 0
  • Reward points: 0
  • Joined: 2018/10/28 04:25:46
  • Status: offline
2018/11/28 21:50:14 (permalink)
0

Certain websites can pass web filter policy.

Hello,
 
I created a web filter profile to block social networking websites, however some can pass such as, Facebook and Instagram
 
Here is what i did:
  • Blocked whole sub category (Social networking).
  • Linked SSL deep scan filter to the policy and imported the certificated.
  • Cleared browsing history and restarted the browser (Chrome and Firefox).
  • Created static URL filter and added wildcard for facebook.
  • Created application signature and added anything related to facebook to block it.
  • Blocked QUIC protocol.
In the forward traffic logs i get that application name is Facebook-Web and it is allowed.

 
Your help will be appreciated. 
Regards.

Attached Image(s)

#1

3 Replies Related Threads

    Danté
    New Member
    • Total Posts : 19
    • Scores: 0
    • Reward points: 0
    • Joined: 2018/07/13 12:03:16
    • Status: offline
    Re: Certain websites can pass web filter policy. 2018/11/29 04:20:32 (permalink)
    0
    Good Day,
     
    What you did with the web filter and application filter looks in order.

    I would recommend that you double check your policies and make sure the source are contained in the policy where the filters are applied on. Also check if there are perhaps any policy above the policy where filters are applied which is allowing access as this will be where the traffic is then going through and not hitting your filters.
     
    Regards,
    Danté
    #2
    Yahowmy
    New Member
    • Total Posts : 5
    • Scores: 0
    • Reward points: 0
    • Joined: 2018/10/28 04:25:46
    • Status: offline
    Re: Certain websites can pass web filter policy. 2018/11/30 21:38:07 (permalink)
    0
    Thank you Danté for the response,
     
    Actually i already checked this, in the forward traffic logs the policy applied number is the right policy and it is also in the top of other policies.
    It is blocking web sites from same category such as Twitter and Youtube, however Facebook get pass this policy in case SSL deep inspection is applied, but in case of SSL certificate inspection applied it get blocked.
    The odd thing is it is blocking anything related to Facebook such as if you googled the word facebook but if you typed the URL https://www.facebook.com it will pass.
    #3
    Yahowmy
    New Member
    • Total Posts : 5
    • Scores: 0
    • Reward points: 0
    • Joined: 2018/10/28 04:25:46
    • Status: offline
    Re: Certain websites can pass web filter policy. 2018/12/05 00:14:58 (permalink)
    0
    When changing the inspection mode configuration from flow-based to proxy it get blocked,
    Can someone explain why?
     
    #4
    Jump to:
    © 2018 APG vNext Commercial Version 5.5