UTM: How to Block Access to Proxy Websites using Application Control (SW9080)

Return
  • Title

    UTM: How to Block Access to Proxy Websites using Application Control
  • Resolution

    Article Applies To:

    SonicWALL Security Appliance Platforms:

    Gen5: NSA E8500, NSA E7500, NSA E6500, NSA E5500, NSA 5000, NSA 4500, NSA 3500, NSA 2400, NSA 240
    Gen5 TZ Series: TZ210, TZ210W, TZ 200, TZ200W, TZ100, TZ100W
    Firmware/Software Version: SonicOS Enhanced 5.8.0.1 and above

    Services: App Control Advanced


    Description:

    This article describes how to block access to proxy websites using the SonicWALL App Control Advanced feature. 


    Procedure:

    The SonicWALL App Control Advanced feature contains numerous signatures to block access to proxy websites. Access can be restricted or blocked in the following three ways:

    • Block by Category: This is a global setting blocking access to all proxy websites.
    • Block by Application: In this method, particular proxy sites can be blocked by name.
    • Block by Signatures: Using this method individual signatures for each site can be blocked.

    Blocking the Category Proxy Access:

    • Login to the SonicWALL Mangement GUI.
    • Navigate to the Firewall > App Control Advanced page. In Gen5 TZ devices this page is under Security Services > App Control
    • Check the box under Enable App Control  and click on the Accept button at the top to enable App Control.
    • Under App Control Advanced > View Style select PROXY-ACCESS under Category
    • Click on the configure button.
    • In the Edit App Control Category window, select Enable under Block and Log fields.
    • Click on OK to save.

    Blocking an individual proxy website:

    • Under App Control Advanced > View Style > Application, select a proxy website you wish to block. (In this example Kproxy)
    • Click on the configure button.
    • In the Edit App Control Application window, select Enable under Block and Log fields.
    • Click on OK to save.

    Blocking a signature for a proxy website:

    • Under App Control Advanced > View Style > Application, select a proxy website you wish to block (in this example Vtunnel).
    • Set Viewed By to Signature
    • Listed below would be signatures for the website you have selected under Application.
    • Click on the configure button on any one of the signatures you wish to block.
    • In the Edit App Control Signature window, select Enable under Block and Log fields.
    • Click on OK to save.




    Testing

    When accessing a proxy website earmarked for blocking, the following messages will be logged under Log > View, depending on the signature you have selected for blocking:


     

  • Key Words

    9080


Product(s):
SonicWALL NSA Series
4500, 3500, 2400, 240
SonicWALL E-Class NSA Series
E8500, E7500, E6500, E5500
SonicWALL TZ Series
210W, 210, 200W, 100W, 100

Topic(s):
Technical Solutions

Article History:
Created on: 8/8/2011
Last Update on: 5/13/2014

Feedback submitted.

Did this article help?

[Select Rating]

Thank you for your rating!

Close

Request or Create a KB Article »