According to Google, the only way to block access to consumer gmail accounts, is to intercept the traffic, and insert a HTTP header for all traffic going to google.com. Obviously PAN-OS can perform SSL inspection, but can it do the HTTP header insertion?
Here's Google's page on this: https://support.google.com/a/answer/1668854?hl=en
you can't inject things into the header of http sessions, but you can perform SSL decryption, inspect applications inside and block gmail by application
Even we have a app-id for the same but the application depends on ssl also.
Hence we require an ssl decryption ( either for custom category or for web-based email ) to make it work properly
you can also block attachment through the same if needed when ssl decrytpion in place
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!
The Live Community thanks you for your participation!