03-23-2011 09:32 AM
hello !
I 'have seen on the same PC with the same windows user a strange problem:
when a user is connected on his facebook, I can see in the log facebook-chat DENY and the chat is blocked
when the same user is connected with an another facebook account , I can see in the log facebook-chat DENY but his chat works fine!!!!!
( the facebook work in http (not https) in the both case).
SO maybe they are a parameters on facebook account whose bypass this block application?
thanks for your idea or for your helps!!!
03-23-2011 07:28 PM
Hi,
As long as the user is hitting the same policy we should still block facebook chat regardless of how they are logged in.
If this user is confirmed to be using the same policy every time you should open a support case so we can take a look at this.
Regards,
Gary S.
03-24-2011 02:23 AM
hi Gary!
I confirm that user match the same policy because in the both case I use the same user and PC on the network. I just use a different facebook account. SO I think that this two users use different parmeters for their facebook chat. And if the facebook chat have a specific parameters the app facebook-chat match in the rule with deny but is not blocking . Before open a case i try to understand which parameters create this problem on facebook account, and after I send the information to palo-alto support fort modify the app facebook-chat.
Alex
04-19-2011 11:32 AM
Alex,
Did you have any luck? I have noticed that if a user has enabled SSL/HTTPS within the Facebook Application, then the Palo Alto won't block this application. However, if a FB user hasn't enabled that setting, then the Palo Alto has no problem blocking.
Thanks,
Kent
04-20-2011 05:39 AM
kmckown1 ha scritto:
Alex,
Did you have any luck? I have noticed that if a user has enabled SSL/HTTPS within the Facebook Application, then the Palo Alto won't block this application. However, if a FB user hasn't enabled that setting, then the Palo Alto has no problem blocking.
Thanks,
Kent
Have you enabled SSL-Decryption?
04-20-2011 01:06 PM
Yes, I have enabled SSL-Decryption but I believe I have something within SSL misconfigured. I am digging into that aspect right now but there doesn't appear to be very much to it once the initial SSL decryption policy is in place.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
