Has anyone successfully made 'scribd' ReadOnly Access?

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

Has anyone successfully made 'scribd' ReadOnly Access?

L3 Networker

Hello,

   We would like to allow "ReadOnly" access to Scribd hosted content.  I note that there is an application definition called 'scribd-uploading'.

   Has anyone successfully done this by blockign the 'scribd-uploading' application?

Thanks

Art

1 accepted solution

Accepted Solutions

L5 Sessionator

Hello Art,

I was able access scribd.com but not able to upload any files by blocking 'scribd-uploading' application only.

Here is how my security policies looked:

scribd.png

Also, I am seeing allowed sessions for 'scribd-base' application and discarded sessions for 'scribd-uploading' application

admin@PA-500> show session all filter application scribd-uploading

--------------------------------------------------------------------------------

ID      Application    State   Type Flag  Src[Sport]/Zone/Proto (translated IP[Port])

Vsys                                      Dst[Dport]/Zone (translated IP[Port])

--------------------------------------------------------------------------------

19704   scribd-uploading DISCARD FLOW  NS   192.168.50.105[11583]/trust-L3/6  (10.66.24.50[60799])

vsys1                                     50.97.140.66[80]/untrust-L3  (50.97.140.66[80])

19702   scribd-uploading DISCARD FLOW  NS   192.168.50.105[11581]/trust-L3/6  (10.66.24.50[40027])

vsys1                                     50.97.140.66[80]/untrust-L3  (50.97.140.66[80])

19700   scribd-uploading DISCARD FLOW  NS   192.168.50.105[11579]/trust-L3/6  (10.66.24.50[6287])

vsys1                                     50.97.140.66[80]/untrust-L3  (50.97.140.66[80])

19898   scribd-uploading DISCARD FLOW  NS   192.168.50.105[11728]/trust-L3/6  (10.66.24.50[65050])

vsys1                                     50.97.140.66[80]/untrust-L3  (50.97.140.66[80])

19858   scribd-uploading DISCARD FLOW  NS   192.168.50.105[11696]/trust-L3/6  (10.66.24.50[39950])

vsys1                                     50.97.140.66[80]/untrust-L3  (50.97.140.66[80])

19701   scribd-uploading DISCARD FLOW  NS   192.168.50.105[11580]/trust-L3/6  (10.66.24.50[37286])

vsys1                                     50.97.140.66[80]/untrust-L3  (50.97.140.66[80])

admin@PA-500> show session all filter application scribd

Unrecognized application

admin@PA-500> show session all filter application scribd-base

--------------------------------------------------------------------------------

ID      Application    State   Type Flag  Src[Sport]/Zone/Proto (translated IP[Port])

Vsys                                      Dst[Dport]/Zone (translated IP[Port])

--------------------------------------------------------------------------------

19740   scribd-base    ACTIVE  FLOW  NS   192.168.50.105[11613]/trust-L3/6  (10.66.24.50[13139])

vsys1                                     50.97.140.66[443]/untrust-L3  (50.97.140.66[443])

19918   scribd-base    ACTIVE  FLOW  NS   192.168.50.105[11735]/trust-L3/6  (10.66.24.50[7920])

vsys1                                     173.192.64.45[80]/untrust-L3  (173.192.64.45[80])

19685   scribd-base    ACTIVE  FLOW  NS   192.168.50.105[11573]/trust-L3/6  (10.66.24.50[60986])

vsys1                                     173.192.64.45[80]/untrust-L3  (173.192.64.45[80])

19691   scribd-base    ACTIVE  FLOW  NS   192.168.50.105[11574]/trust-L3/6  (10.66.24.50[31546])

vsys1                                     173.192.64.45[80]/untrust-L3  (173.192.64.45[80])

19819   scribd-base    ACTIVE  FLOW  NS   192.168.50.105[11668]/trust-L3/6  (10.66.24.50[4729])

vsys1                                     174.35.35.7[80]/untrust-L3  (174.35.35.7[80])

19738   scribd-base    ACTIVE  FLOW  NS   192.168.50.105[11611]/trust-L3/6  (10.66.24.50[27250])

vsys1                                     50.97.140.66[443]/untrust-L3  (50.97.140.66[443])

19897   scribd-base    ACTIVE  FLOW  NS   192.168.50.105[11727]/trust-L3/6  (10.66.24.50[18451])

vsys1                                     50.97.140.66[80]/untrust-L3  (50.97.140.66[80])

19739   scribd-base    ACTIVE  FLOW  NS   192.168.50.105[11612]/trust-L3/6  (10.66.24.50[50257])

vsys1                                     50.97.140.66[443]/untrust-L3  (50.97.140.66[443])

19735   scribd-base    ACTIVE  FLOW  NS   192.168.50.105[11610]/trust-L3/6  (10.66.24.50[11955])

vsys1                                     173.192.64.45[80]/untrust-L3  (173.192.64.45[80])

admin@PA-500>

The 'scribd-uploading' application is working as intended.

Regards,

Kunal Adak

View solution in original post

1 REPLY 1

L5 Sessionator

Hello Art,

I was able access scribd.com but not able to upload any files by blocking 'scribd-uploading' application only.

Here is how my security policies looked:

scribd.png

Also, I am seeing allowed sessions for 'scribd-base' application and discarded sessions for 'scribd-uploading' application

admin@PA-500> show session all filter application scribd-uploading

--------------------------------------------------------------------------------

ID      Application    State   Type Flag  Src[Sport]/Zone/Proto (translated IP[Port])

Vsys                                      Dst[Dport]/Zone (translated IP[Port])

--------------------------------------------------------------------------------

19704   scribd-uploading DISCARD FLOW  NS   192.168.50.105[11583]/trust-L3/6  (10.66.24.50[60799])

vsys1                                     50.97.140.66[80]/untrust-L3  (50.97.140.66[80])

19702   scribd-uploading DISCARD FLOW  NS   192.168.50.105[11581]/trust-L3/6  (10.66.24.50[40027])

vsys1                                     50.97.140.66[80]/untrust-L3  (50.97.140.66[80])

19700   scribd-uploading DISCARD FLOW  NS   192.168.50.105[11579]/trust-L3/6  (10.66.24.50[6287])

vsys1                                     50.97.140.66[80]/untrust-L3  (50.97.140.66[80])

19898   scribd-uploading DISCARD FLOW  NS   192.168.50.105[11728]/trust-L3/6  (10.66.24.50[65050])

vsys1                                     50.97.140.66[80]/untrust-L3  (50.97.140.66[80])

19858   scribd-uploading DISCARD FLOW  NS   192.168.50.105[11696]/trust-L3/6  (10.66.24.50[39950])

vsys1                                     50.97.140.66[80]/untrust-L3  (50.97.140.66[80])

19701   scribd-uploading DISCARD FLOW  NS   192.168.50.105[11580]/trust-L3/6  (10.66.24.50[37286])

vsys1                                     50.97.140.66[80]/untrust-L3  (50.97.140.66[80])

admin@PA-500> show session all filter application scribd

Unrecognized application

admin@PA-500> show session all filter application scribd-base

--------------------------------------------------------------------------------

ID      Application    State   Type Flag  Src[Sport]/Zone/Proto (translated IP[Port])

Vsys                                      Dst[Dport]/Zone (translated IP[Port])

--------------------------------------------------------------------------------

19740   scribd-base    ACTIVE  FLOW  NS   192.168.50.105[11613]/trust-L3/6  (10.66.24.50[13139])

vsys1                                     50.97.140.66[443]/untrust-L3  (50.97.140.66[443])

19918   scribd-base    ACTIVE  FLOW  NS   192.168.50.105[11735]/trust-L3/6  (10.66.24.50[7920])

vsys1                                     173.192.64.45[80]/untrust-L3  (173.192.64.45[80])

19685   scribd-base    ACTIVE  FLOW  NS   192.168.50.105[11573]/trust-L3/6  (10.66.24.50[60986])

vsys1                                     173.192.64.45[80]/untrust-L3  (173.192.64.45[80])

19691   scribd-base    ACTIVE  FLOW  NS   192.168.50.105[11574]/trust-L3/6  (10.66.24.50[31546])

vsys1                                     173.192.64.45[80]/untrust-L3  (173.192.64.45[80])

19819   scribd-base    ACTIVE  FLOW  NS   192.168.50.105[11668]/trust-L3/6  (10.66.24.50[4729])

vsys1                                     174.35.35.7[80]/untrust-L3  (174.35.35.7[80])

19738   scribd-base    ACTIVE  FLOW  NS   192.168.50.105[11611]/trust-L3/6  (10.66.24.50[27250])

vsys1                                     50.97.140.66[443]/untrust-L3  (50.97.140.66[443])

19897   scribd-base    ACTIVE  FLOW  NS   192.168.50.105[11727]/trust-L3/6  (10.66.24.50[18451])

vsys1                                     50.97.140.66[80]/untrust-L3  (50.97.140.66[80])

19739   scribd-base    ACTIVE  FLOW  NS   192.168.50.105[11612]/trust-L3/6  (10.66.24.50[50257])

vsys1                                     50.97.140.66[443]/untrust-L3  (50.97.140.66[443])

19735   scribd-base    ACTIVE  FLOW  NS   192.168.50.105[11610]/trust-L3/6  (10.66.24.50[11955])

vsys1                                     173.192.64.45[80]/untrust-L3  (173.192.64.45[80])

admin@PA-500>

The 'scribd-uploading' application is working as intended.

Regards,

Kunal Adak

  • 1 accepted solution
  • 2263 Views
  • 1 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!