Has anyone successfully made 'scribd' ReadOnly Access?

Announcements

ATTENTION Customers, All Partners and Employees: The Customer Support Portal (CSP) will be undergoing maintenance and unavailable on Saturday, November 7, 2020, from 11 am to 11 pm PST. Please read our blog for more information.

Reply
Highlighted
L3 Networker

Has anyone successfully made 'scribd' ReadOnly Access?

Hello,

   We would like to allow "ReadOnly" access to Scribd hosted content.  I note that there is an application definition called 'scribd-uploading'.

   Has anyone successfully done this by blockign the 'scribd-uploading' application?

Thanks

Art


Accepted Solutions
Highlighted
L5 Sessionator

Hello Art,

I was able access scribd.com but not able to upload any files by blocking 'scribd-uploading' application only.

Here is how my security policies looked:

scribd.png

Also, I am seeing allowed sessions for 'scribd-base' application and discarded sessions for 'scribd-uploading' application

admin@PA-500> show session all filter application scribd-uploading

--------------------------------------------------------------------------------

ID      Application    State   Type Flag  Src[Sport]/Zone/Proto (translated IP[Port])

Vsys                                      Dst[Dport]/Zone (translated IP[Port])

--------------------------------------------------------------------------------

19704   scribd-uploading DISCARD FLOW  NS   192.168.50.105[11583]/trust-L3/6  (10.66.24.50[60799])

vsys1                                     50.97.140.66[80]/untrust-L3  (50.97.140.66[80])

19702   scribd-uploading DISCARD FLOW  NS   192.168.50.105[11581]/trust-L3/6  (10.66.24.50[40027])

vsys1                                     50.97.140.66[80]/untrust-L3  (50.97.140.66[80])

19700   scribd-uploading DISCARD FLOW  NS   192.168.50.105[11579]/trust-L3/6  (10.66.24.50[6287])

vsys1                                     50.97.140.66[80]/untrust-L3  (50.97.140.66[80])

19898   scribd-uploading DISCARD FLOW  NS   192.168.50.105[11728]/trust-L3/6  (10.66.24.50[65050])

vsys1                                     50.97.140.66[80]/untrust-L3  (50.97.140.66[80])

19858   scribd-uploading DISCARD FLOW  NS   192.168.50.105[11696]/trust-L3/6  (10.66.24.50[39950])

vsys1                                     50.97.140.66[80]/untrust-L3  (50.97.140.66[80])

19701   scribd-uploading DISCARD FLOW  NS   192.168.50.105[11580]/trust-L3/6  (10.66.24.50[37286])

vsys1                                     50.97.140.66[80]/untrust-L3  (50.97.140.66[80])

admin@PA-500> show session all filter application scribd

Unrecognized application

admin@PA-500> show session all filter application scribd-base

--------------------------------------------------------------------------------

ID      Application    State   Type Flag  Src[Sport]/Zone/Proto (translated IP[Port])

Vsys                                      Dst[Dport]/Zone (translated IP[Port])

--------------------------------------------------------------------------------

19740   scribd-base    ACTIVE  FLOW  NS   192.168.50.105[11613]/trust-L3/6  (10.66.24.50[13139])

vsys1                                     50.97.140.66[443]/untrust-L3  (50.97.140.66[443])

19918   scribd-base    ACTIVE  FLOW  NS   192.168.50.105[11735]/trust-L3/6  (10.66.24.50[7920])

vsys1                                     173.192.64.45[80]/untrust-L3  (173.192.64.45[80])

19685   scribd-base    ACTIVE  FLOW  NS   192.168.50.105[11573]/trust-L3/6  (10.66.24.50[60986])

vsys1                                     173.192.64.45[80]/untrust-L3  (173.192.64.45[80])

19691   scribd-base    ACTIVE  FLOW  NS   192.168.50.105[11574]/trust-L3/6  (10.66.24.50[31546])

vsys1                                     173.192.64.45[80]/untrust-L3  (173.192.64.45[80])

19819   scribd-base    ACTIVE  FLOW  NS   192.168.50.105[11668]/trust-L3/6  (10.66.24.50[4729])

vsys1                                     174.35.35.7[80]/untrust-L3  (174.35.35.7[80])

19738   scribd-base    ACTIVE  FLOW  NS   192.168.50.105[11611]/trust-L3/6  (10.66.24.50[27250])

vsys1                                     50.97.140.66[443]/untrust-L3  (50.97.140.66[443])

19897   scribd-base    ACTIVE  FLOW  NS   192.168.50.105[11727]/trust-L3/6  (10.66.24.50[18451])

vsys1                                     50.97.140.66[80]/untrust-L3  (50.97.140.66[80])

19739   scribd-base    ACTIVE  FLOW  NS   192.168.50.105[11612]/trust-L3/6  (10.66.24.50[50257])

vsys1                                     50.97.140.66[443]/untrust-L3  (50.97.140.66[443])

19735   scribd-base    ACTIVE  FLOW  NS   192.168.50.105[11610]/trust-L3/6  (10.66.24.50[11955])

vsys1                                     173.192.64.45[80]/untrust-L3  (173.192.64.45[80])

admin@PA-500>

The 'scribd-uploading' application is working as intended.

Regards,

Kunal Adak

View solution in original post


All Replies
Highlighted
L5 Sessionator

Hello Art,

I was able access scribd.com but not able to upload any files by blocking 'scribd-uploading' application only.

Here is how my security policies looked:

scribd.png

Also, I am seeing allowed sessions for 'scribd-base' application and discarded sessions for 'scribd-uploading' application

admin@PA-500> show session all filter application scribd-uploading

--------------------------------------------------------------------------------

ID      Application    State   Type Flag  Src[Sport]/Zone/Proto (translated IP[Port])

Vsys                                      Dst[Dport]/Zone (translated IP[Port])

--------------------------------------------------------------------------------

19704   scribd-uploading DISCARD FLOW  NS   192.168.50.105[11583]/trust-L3/6  (10.66.24.50[60799])

vsys1                                     50.97.140.66[80]/untrust-L3  (50.97.140.66[80])

19702   scribd-uploading DISCARD FLOW  NS   192.168.50.105[11581]/trust-L3/6  (10.66.24.50[40027])

vsys1                                     50.97.140.66[80]/untrust-L3  (50.97.140.66[80])

19700   scribd-uploading DISCARD FLOW  NS   192.168.50.105[11579]/trust-L3/6  (10.66.24.50[6287])

vsys1                                     50.97.140.66[80]/untrust-L3  (50.97.140.66[80])

19898   scribd-uploading DISCARD FLOW  NS   192.168.50.105[11728]/trust-L3/6  (10.66.24.50[65050])

vsys1                                     50.97.140.66[80]/untrust-L3  (50.97.140.66[80])

19858   scribd-uploading DISCARD FLOW  NS   192.168.50.105[11696]/trust-L3/6  (10.66.24.50[39950])

vsys1                                     50.97.140.66[80]/untrust-L3  (50.97.140.66[80])

19701   scribd-uploading DISCARD FLOW  NS   192.168.50.105[11580]/trust-L3/6  (10.66.24.50[37286])

vsys1                                     50.97.140.66[80]/untrust-L3  (50.97.140.66[80])

admin@PA-500> show session all filter application scribd

Unrecognized application

admin@PA-500> show session all filter application scribd-base

--------------------------------------------------------------------------------

ID      Application    State   Type Flag  Src[Sport]/Zone/Proto (translated IP[Port])

Vsys                                      Dst[Dport]/Zone (translated IP[Port])

--------------------------------------------------------------------------------

19740   scribd-base    ACTIVE  FLOW  NS   192.168.50.105[11613]/trust-L3/6  (10.66.24.50[13139])

vsys1                                     50.97.140.66[443]/untrust-L3  (50.97.140.66[443])

19918   scribd-base    ACTIVE  FLOW  NS   192.168.50.105[11735]/trust-L3/6  (10.66.24.50[7920])

vsys1                                     173.192.64.45[80]/untrust-L3  (173.192.64.45[80])

19685   scribd-base    ACTIVE  FLOW  NS   192.168.50.105[11573]/trust-L3/6  (10.66.24.50[60986])

vsys1                                     173.192.64.45[80]/untrust-L3  (173.192.64.45[80])

19691   scribd-base    ACTIVE  FLOW  NS   192.168.50.105[11574]/trust-L3/6  (10.66.24.50[31546])

vsys1                                     173.192.64.45[80]/untrust-L3  (173.192.64.45[80])

19819   scribd-base    ACTIVE  FLOW  NS   192.168.50.105[11668]/trust-L3/6  (10.66.24.50[4729])

vsys1                                     174.35.35.7[80]/untrust-L3  (174.35.35.7[80])

19738   scribd-base    ACTIVE  FLOW  NS   192.168.50.105[11611]/trust-L3/6  (10.66.24.50[27250])

vsys1                                     50.97.140.66[443]/untrust-L3  (50.97.140.66[443])

19897   scribd-base    ACTIVE  FLOW  NS   192.168.50.105[11727]/trust-L3/6  (10.66.24.50[18451])

vsys1                                     50.97.140.66[80]/untrust-L3  (50.97.140.66[80])

19739   scribd-base    ACTIVE  FLOW  NS   192.168.50.105[11612]/trust-L3/6  (10.66.24.50[50257])

vsys1                                     50.97.140.66[443]/untrust-L3  (50.97.140.66[443])

19735   scribd-base    ACTIVE  FLOW  NS   192.168.50.105[11610]/trust-L3/6  (10.66.24.50[11955])

vsys1                                     173.192.64.45[80]/untrust-L3  (173.192.64.45[80])

admin@PA-500>

The 'scribd-uploading' application is working as intended.

Regards,

Kunal Adak

View solution in original post

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!