For those who care, http://www.useragentstring.com/pages/All/ contains a decent list of UA strings. Notice that there are a lot of customised versions of IE out there. It is also possible to create custom app-id's to recognise different browsers, although I doubt this would be a good strategy (you care more about the content than the accessor).
I have created a custom application to detect Firefox as an app, this seems to be working well as it is detecting it in the traffic logs.
We have a requirement to block Firefox as it enables the users to bypass the proxy setting set in the GPO in AD.
I have a test rule to block firefox at the top of my policy set but it seems to only be active on news-media catagorized web sites like bbe,cnn etc
When browsing to Google or anyother site it hits my general access rule at the bottom of my policy list.
Any ideas? Have i created the app incorrectly ?
see attached appid
It would also be possible to define this as a custom threat id, which may be a better model, as you consider the software a threat. It would log more clearly. To my mind the App-ID is a protocol recognition engine, even though it does support some well known web sites (to which site-specific protocols are inextricably linked).
FF users can obscure their User-Agent string, so it would be worth watching for hits on the addons.mozilla.org site.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!