Just wondering if anyone has a solution in creating either an application id for proton vpn, and or other methods in preventing users from bypassing the palo firewall.
I have discovered today that this application is not being blocked or denied access from internal users.
Hi @DWilkin ,
How is the traffic being identified ? Are you decrypting (if possible) ?
You could try blocking encrypted tunnel and proxy traffic. But you might be blocking too much this way.
In addition you can block IP addresses that the app is using.
Doing some deeper log searchers it appears that open-vpn is capturing and recording users use of proton vpn application. Currently checking and creating restrictions on the app-id open vpn for these group of users. Will advise once I have had time to perform some testing.
Appreciate your response and input though - cheers.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!
The Live Community thanks you for your participation!