01-28-2010 03:16 AM
It's possible to control ActiveX traffic? Of course this is not an application, but it would improve secuity on the PAN device. The same for other embedded objects (Java Applets,etc.) and embedded scripts (javascript,Visual Basic script,etc).
Any ideas about the future or wath we can already do ?
Thanks Boris
01-28-2010 01:00 PM
Yes, we can block activex via file blocking. The file type for activex is ocx.
Alfred
01-28-2010 07:16 AM
Boris,
I'm going to take a stab at this and say that if you set up a block .OCX files action in a File Blocking Profile on your PAN device you should be able to stop ActiveX Controls. Here is what I found on-line about .OCX files.
An OCX is an Object Linking and Embedding (OLE) custom control, a special-purpose program that can be created for use by applications running on Microsoft's Windows systems.
Microsoft now calls an OCX an ActiveX control, the component object under Microsoft's set of ActiveX technologies, of which the fundamental concept is the Component Object Model (COM) and, in a network, the Distributed Component Object Model (DCOM).
Maybe someone at Palo Alto can add to this.
Thanks,
Jeff
01-28-2010 10:42 AM
I verified with Support on this one and they say that the PAN won't block ActiveX. It can only be blocked through the browser settings.
01-28-2010 01:00 PM
Yes, we can block activex via file blocking. The file type for activex is ocx.
Alfred
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
