I run into behavior that I can't explain.
We make teams available on the virtual desktops (web-based & desktop app)
We only want to block the use of audio and video within the functionality of both teams options.
Users are not allowed to use this (due to performance reasons)
In our situation we have configured ssl/tls decryption.
One policy has been defined that blocks the ms-teams-audio-video application.
All other ms-teams* applications are allowed.
However, this ensures that audio and video can be used in both options, the desktop app and web-based.
In the logging I see that the traffic is recognized as ms-teams and I don't see any ms-teams-audio-video.
I expected that as soon as I use audio and video in teams the Palo would recognize this as ms-teams-audio-video
Am I misunderstanding things and is this normal behavior? Or does the application recognition not work properly?
apps & threats: 8261-7584
With kind regards,
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!