Comments
-
@BWC : tried it. Won't budge. Created a Match Object: NB: tried different 'Match Object Types' like HTTP URL and HTTP Host. Also tried all different 'Match Types'. Then made an App Rule policy: Doesn't work. As soon as I switch off DPI SSL, I can download files without problems. Which makes sense, since in that case the…
-
@Ajishlal : I understand, but IMO you seem to miss the point? I don't want to exclude the whole domain in case of a CDN. It's like giving carte blanche to all (mis)users of that CDN. By using an URI, you can pinpoint just a fraction of a CDN. My thought was that URI's on the allow list would not be blocked by any service.…
-
@Ajishlal : Yes, that would work. Thing is, more and more websites host their data on a CDN. Bypassing a whole CDN means all data from that CDN bypasses GAV. You don't want that. So that's where the URI comes into play - it gives a more granular means of bypassing GAV for just a part of a CDN. Since that doesn't seem to…
-
Well, that hope was short-lived. App Rules don't seem to work. So I decided to disable Capture ATP all-together and then upload a file to WeTransfer (should have tried that in the first place....). And the result is, the upload still rolls back frequently until WeTransfer gives up? So I think we can rule out Capture ATP as…
-
This seems to turn out easier then I thought - using App Rules. There's already a predefined app for WeTransfer under Match Object. So I created a Match Object for WeTransfer and added it to the App Rules policy, setting to bypass GAV. Not ideal, since you would like to have all downloads scanned, so if there's a better…
-
Hi @Preston, I gave it a try and this seems to work so far?
-
The devices themselves are not the problem - it's the app to control them giving problems. But you are right; it would be best to put those things in their own network. In which case they cannot be controlled with the app from within the LAN. Not necessarily a bad thing. We're going to plug them into the Wifi-network,…
-
Hi Preston, Gave it a try, but you cannot enter wetransfer.com/api/v4/transfers/* as a host name. I tried *.wetransfer.com on it's own, but that doesn't work when uploading files - they are redirected to wt-prod-s3asaservice-storm.s3.eu-west-1.amazonaws.com. Posted a question for the people of Wetransfer, and this is what…
-
Yup.
-
Same here (Netherlands). Lots of Xmas tree attacks coming from Chinese telco's. And China is on the list of blocked Geo-IP countries. TZ470W, SonicOS 7.0.1-5050.
-
Found out Capture ATP is the first service to intercept files. And this service does log the filename. If the file is subsequently blocked by GAV due to be a multi-compresed ZIP-file, I can look down the log a couple of entries to get the filename and address it came from: Still a bit cumbersome - there should be a more…
-
Right, with some fiddling on the firewall logs and some filters in Outlook to throw away unneeded stuff, I now get a pretty good picture of blocked files and where they come from. Thanks!
-
Hello @preston, I enabled the option last Friday and boy, did I get results.... My mailbox was flooded with about 30.000 mails.... The majority of them about ActiveSync. We have an on-premise Exchange server and an bunch of connected smart phones. Turns out they all exchange small files with the Exchange server - about 5…
-
Hmm, still not clear? It doesn't outline the exact route of a packet. I assumed it would first check Access Rules and then, if passed, drop into the Security Services. Diagram doesn't show....
-
Bummer. Adding windowsupdate.com as exception didn't work. Now I'm stuck....