Google Drive Sync client with Decryption

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Google Drive Sync client with Decryption

L3 Networker

There seemed to be a work around in the past where you could launch googledrivesync.exe with a --unsafe_network switch that would allow it to deal with the decryption because they seem to have their own preloaded set of CA's the client trusts and doesn't not look at the OS certificate store for a list of trusted CA's. So anyway this used to work for us, but recently upgraded to 6.1.7 and don't know if Google changes something, but basically no more drivesync client.

 

I can not disable decryption on Google domain's because I will loose safe search enforcement, youtube safety-mode enforcement, and much else.

 

Does anybody from Palo Alto have any other work-arounds?

-Brad
1 REPLY 1

L1 Bithead

I am running version 7.1.1 and I have tested putting "*.dropbox.com" and "*.drive.google.com" on a custom URL category to then attach to a no-decrypt policy. One of the tests I ran was to execute the application with "--unsafe_network" and it worked. I was able to see traffic being decrypted for Google Drive and the behavior of the app was right.

Trying to understand why adding the domain "*.drive.google.com" doesn't work. I am not fond of creating exceptions for domains that are not requested for this particular app to work.

Maybe I will need to have a look into the DNS queries.

  • 2626 Views
  • 1 replies
  • 1 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!