https://live.paloaltonetworks.com/t5/general-topics/control-android-and-other-smartphones/m-p/4775#M3522 <HTML><HEAD></HEAD><BODY><P>The iPhone/iPad custom signature is based on a pattern match.&nbsp; It looks for the User-Agent header HTTP requests to contain the string that identifies it as an iPhone/iPad.&nbsp; That header contains the value "iPad" so it's pretty easy to identify.&nbsp; So to answer your question about how to do it for other smart phones, the answer is yes you can use this method, provided you know what the request headers look like.&nbsp; If the request headers, such as the User-Agent header, has an identifiable value (something like say "Android"), then you can plug that in and use it.&nbsp; I don't know what these might be for the various mobile devices, so you might have to do some research on this, or take some packet captures and view them for yourself.</P><P></P><P>If it helps you, I found this outside link showing a list of user agents for mobile devices:</P><P></P><P><A class="jive-link-external-small" href="http://en.wikipedia.org/wiki/List_of_user_agents_for_mobile_phones">http://en.wikipedia.org/wiki/List_of_user_agents_for_mobile_phones</A></P><P></P><P></P><P>As far controlling by IP ranges, you can create a policy that has a source of the IP range that you desire, traffic type you desire (e.g., web-browsing) and apply your custom vulnerability profile with your custom signature to that policy.</P></BODY></HTML> Fri, 28 Jan 2011 16:44:05 GMT spolo 2011-01-28T16:44:05Z https://live.paloaltonetworks.com/t5/general-topics/control-android-and-other-smartphones/m-p/4774#M3521 <HTML><HEAD></HEAD><BODY><P>I managed to use the setup for blockin iphone/ipad trafic. </P><P><A class="active_link" href="https://live.paloaltonetworks.com/docs/DOC-1503">https://live.paloaltonetworks.com/docs/DOC-1503</A></P><P></P><P>Some questions... </P><P>How do we do this for other smartphones?</P><P>And is it possible to control this with IP range for instance? Or other methods?</P><P>Thinking about allowing it on some locations and drop packets on other?</P><P>I have not been successful on this yet</P><P></P><P>Sincerely</P></BODY></HTML> Fri, 28 Jan 2011 11:42:58 GMT https://live.paloaltonetworks.com/t5/general-topics/control-android-and-other-smartphones/m-p/4774#M3521 oddmbjer 2011-01-28T11:42:58Z https://live.paloaltonetworks.com/t5/general-topics/control-android-and-other-smartphones/m-p/4775#M3522 <HTML><HEAD></HEAD><BODY><P>The iPhone/iPad custom signature is based on a pattern match.&nbsp; It looks for the User-Agent header HTTP requests to contain the string that identifies it as an iPhone/iPad.&nbsp; That header contains the value "iPad" so it's pretty easy to identify.&nbsp; So to answer your question about how to do it for other smart phones, the answer is yes you can use this method, provided you know what the request headers look like.&nbsp; If the request headers, such as the User-Agent header, has an identifiable value (something like say "Android"), then you can plug that in and use it.&nbsp; I don't know what these might be for the various mobile devices, so you might have to do some research on this, or take some packet captures and view them for yourself.</P><P></P><P>If it helps you, I found this outside link showing a list of user agents for mobile devices:</P><P></P><P><A class="jive-link-external-small" href="http://en.wikipedia.org/wiki/List_of_user_agents_for_mobile_phones">http://en.wikipedia.org/wiki/List_of_user_agents_for_mobile_phones</A></P><P></P><P></P><P>As far controlling by IP ranges, you can create a policy that has a source of the IP range that you desire, traffic type you desire (e.g., web-browsing) and apply your custom vulnerability profile with your custom signature to that policy.</P></BODY></HTML> Fri, 28 Jan 2011 16:44:05 GMT https://live.paloaltonetworks.com/t5/general-topics/control-android-and-other-smartphones/m-p/4775#M3522 spolo 2011-01-28T16:44:05Z