Content translations are temporarily unavailable due to site maintenance. We apologize for any inconvenience. Visit our blog to learn more.
01-27-2013 03:20 AM
Is programmed a content update during next week for the new application mega (mega.co.nz)?
Right now the service is recognized as ssl, web-browing and unknown-tcp and becomes urget its new calssification due to the high bandwidth consumption and downloading legal issue. Brighcloud classifies correctly as personal storage but an application-based view, except from custom app, is required as soon as possible.
01-27-2013 08:05 AM
I think a combination of appid's with url-filter is always advisable specially when the domain(s) use a dedicated name and the application is http/https-based.
Just compare with the app-id cache pollution during the xmas-holidays. If an url-filter had been used in combination with appid it would have been much harder to bypass the filter.
01-27-2013 08:18 AM
HI, i totally agree with you, a combination o app-id and url-based rule is the winning strategic solution. But first of all an app-id has to be built, i've defined protocols and networks for a custom app but i prefer working with an offical one.
App-id cache pollution was a nightmare in explaining to my customers and spamming youtube videos spred out panic 🙂
01-27-2013 08:47 AM
I think currently the best option is to contact the appid team at reasearch center to get an official appid: http://researchcenter.paloaltonetworks.com/tools/
And until their work hits the appid-db, as a workaround, create a custom-appid which will look at the host part of the http request (using web-browsing or such as a base-app) along with an url-filter.
Also dont forget the ssl-termination (dunno if Mega is compatible with this or not).
01-27-2013 08:55 AM
Also dont forget the ssl-termination (dunno if Mega is compatible with this or not).
do you mean ssl decryption or a peculiar configuration upon custom app id?
03-02-2013 03:43 PM
Application mega build on app release 358
03-03-2013 08:52 AM
Sorry for late response, I meant ssl decryption yes.
The one where the PA will terminate the ssl session and create another one towards Internet - the client must have the CA the PA device will use for the ssl session between PA box and the client as a trusted CA. However some applications refuses to have their SSL traffic terminated or inspected (like windowsupdate among others). I dont know if this is the case for mega aswell. The PA can do a light edition of inspection (or just logging that is) for ssl it cannot terminate (decrypt) and that is by looking at the CN record of the cert being used (used for url-filtering when ssl decrypt is not active).
The best is to try to enable ssl decrypt and see how that works with mega (because then you can do stuff like IPS, AV, filetypes etc)...
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
