When you purchase a Western Digital Mycloud device, it comes with the ability to share this data from anywhere. I dont know exactly how they do this. I am assuming the drive/NAS calls out to a MyCloud website, nails up a connection, and allows remote users to ride this connection back to access the data. So far I havent been able to get details of exactly how this works.
We are a highly regulated company and need to block this traffic. Anyone come across this ? Have any luck blocking it ?
Start with the Traffic logs to see how its communicating out, application, IP, etc. If there is an application teh PAN recognizes, block that APP with a security Deny rule. Then check the URL logs to see if the destination IP correlates to a URL. If yes then you can block that URL with a Custom URL category, i.e. URL's to block, and add it in there with a deny rule. If no and its an IP hunt, try contacting WD and see if they they ahve alist of IP's they use and block that group.
That's how I would start.
Hope it helps.
I'm not actually positive that they themselves host the data, I'm pretty sure they don't. From what I remember from looking at it the app essentially relies on UPNP to create a port to the WD, then the webservers that they connect to simply keep track of the information for you. I would be interested in knowing if this is actually working right out of the gate, my gut is telling me that you'll find it likely doesn't work already.
One way you could potentially (probably the easiest too) block the functionality of this site is to create a custom URL object with the site(s) that a user connects to the "WD MyCloud." You could then create a file blocking profile which blocks the ability to upload or download to any file / any application and attach this file blocking profile to a security rule using both these custom objects.
@jhickey If this drive only needs to be available on that specific subnet? If that is the case, can you just assign a static ip address to it without a default gateway and dns setting ?
You may want to check with your internal IT security team as well. What is the risk to your company?
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!
The Live Community thanks you for your participation!