11-07-2016 12:27 AM
Just want to know,
1- If PA can not identify the web application then it will classify it as SSL/Web-browsing or unknown-tcp?
2- unknown-tcp and unkown-udp is only for client/server application?
11-07-2016 12:04 PM - edited 11-07-2016 12:12 PM
Thank for reply. Again sorry for my ignorance but want to ask:
1- In genral if I allow only web-browsing and SSL in security policy (assuming doing the SSL decryption) and PA identify the deepr application like fb-chat then in this case the access to that deeper application will be blocked? In short allowing web-browsing and SSL only, will not allow all web-applications?
2- Coming to proxy question, how I can know all the web applicaitons on internet, user will browse on internet and allow in policy?I just want allow all web-browsing and SSL from proxy to internet. What can I do?
11-07-2016 11:10 PM
2. Work with app categories or application filters as they are called. Or allow port 80 and 443 and only block selcted apps and/or categories.
11-08-2016 01:33 AM
11-09-2016 04:18 AM
@santonic Just one question, if I am not doing SSL decryption on PA, then all internet web-browsing would be boils down to SSL and web-browsing applications? So in security policy if I allow only web-browsing and SSL applications for bluecoat to internet traffic (browsing) then it would be fine right?
11-09-2016 04:45 AM
On http traffic you will have a lot of applications always as it's not encrypted.
On https traffic most of sessions will be recognised only as SSL without decryption. But in same cases (like for example TeamViewer where destination for CONNECT command is always something like *.teamviewer.com) specific application will be recognised even without decryption.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!