Mega service

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

Mega service

L3 Networker

Is programmed a content update during next week for the new application mega (mega.co.nz)?

Right now the service is recognized as ssl, web-browing and unknown-tcp and becomes urget its new calssification due to the high bandwidth consumption and downloading legal issue. Brighcloud classifies correctly as personal storage but an application-based view, except from custom app, is required as soon as possible.

1 accepted solution

Accepted Solutions

L3 Networker

Application mega build on app release 358

View solution in original post

6 REPLIES 6

L6 Presenter

I think a combination of appid's with url-filter is always advisable specially when the domain(s) use a dedicated name and the application is http/https-based.

Just compare with the app-id cache pollution during the xmas-holidays. If an url-filter had been used in combination with appid it would have been much harder to bypass the filter.

HI, i totally agree with you, a combination o app-id and url-based rule is the winning strategic solution. But first of all an app-id has to be built, i've defined protocols and networks for a custom app but i prefer working with an offical one.

App-id cache pollution  was a nightmare in explaining to my customers and spamming youtube videos spred out panic 🙂

I think currently the best option is to contact the appid team at reasearch center to get an official appid: http://researchcenter.paloaltonetworks.com/tools/

And until their work hits the appid-db, as a workaround, create a custom-appid which will look at the host part of the http request (using web-browsing or such as a base-app) along with an url-filter.

Also dont forget the ssl-termination (dunno if Mega is compatible with this or not).

Also dont forget the ssl-termination (dunno if Mega is compatible with this or not).

do you mean ssl decryption or a peculiar configuration upon custom app id?

L3 Networker

Application mega build on app release 358

Sorry for late response, I meant ssl decryption yes.

The one where the PA will terminate the ssl session and create another one towards Internet - the client must have the CA the PA device will use for the ssl session between PA box and the client as a trusted CA. However some applications refuses to have their SSL traffic terminated or inspected (like windowsupdate among others). I dont know if this is the case for mega aswell. The PA can do a light edition of inspection (or just logging that is) for ssl it cannot terminate (decrypt) and that is by looking at the CN record of the cert being used (used for url-filtering when ssl decrypt is not active).

The best is to try to enable ssl decrypt and see how that works with mega (because then you can do stuff like IPS, AV, filetypes etc)...

  • 1 accepted solution
  • 3137 Views
  • 6 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!