08-03-2011 08:09 AM
Hi
We allowed file downloads for a group of users under the 'web-browsing' application but when they try to download a Jave update directly from the Java website, the application gets categorized as 'java-update' which is an application we block as we don't want PCs to auto-update Java.
Does anyone know the criteria used to hit an application match and how to find Palo's definition of 'java-update'?
Many thanks in advance.
Jim
08-03-2011 06:18 PM
Java-Update application signature can look at serveral different aspects of the session. It will look at the files being downloaded and include hostnames, certs, etc. I would suggest if you need to download the java update you set a temp allow rule for java-update, or look for offline installation methods.
Dominic
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
