Issue
Google Drive, drive.google.com, falls into the "online-personal-storage" category. However, when the "online-personal-storage" category is configured with the "block" action (as shown below) and SSL Decryption is enabled, "drive.google.com is still accessible.
Cause
Google Drive (drive.google.com) works over the SSL protocol and SSL decryption is required to detect its contents. When SSL decryption is enabled, URL filtering looks at the CN name in the certificate to determine the category. However, "drive.google.com" uses a wildcard certificate *.google.com" and is not detected as "online-personal-storage". Due to this, the Google Drive traffic is allowed.
Resolution
To block drive.google.com:
On the WebGUI, go to Policies > Security and create a policy which blocks the application "google-drive-web".
See the example below:
In the above policy:
- First rule blocks the google-drive-web application
- Second rule allows the rest of the traffic
Note: SSL decryption is necessary in order to identify the correct app-id "google-drive-web".
See Also