How to create a custom app signature to identify IE browsers when using http and https

Showing results for 
Show  only  | Search instead for 
Did you mean: 

How to create a custom app signature to identify IE browsers when using http and https

L3 Networker

I am looking for a way to create an custom application signature to identify IE browsers when accessing the internet and reliably identify it whether it is using http or https. Currently I have a custom app signature the works great when accessing http sites but fails when accessing https sites.

I have set the custom app signature up with pattern matching. Context of [http-req-headers] and the pattern of [compatible; MSIE 10.0;]. this was created based on the creating a custom app signature document.

When I use it in a policy that has only this app in it. I sees the the browser and throws up a response page. The other half of the policy should have the url category of social-networking. And when this is used by itself in a policy, it works great in both http and https. However put both together and access an https page and the browser app is ignored and typically shows ssl as the app. And the url category is not seen either.

The question then is can I create a custom app signature that can identify the browser when using an https page. Is there a different context that I should use for https rather than the http-reg-headers option?

Any thoughts and suggestions are welcomed.



L4 Transporter

I think you have to decrypt the https connection

with the ssl outbound forward proxy

  • 1 replies
  • 71 Subscriptions
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!