09-17-2010 07:53 AM
Ok, don't shoot the messenger but I was asked to see if I could unblock the queue management area for Netflix but still block the streaming media part of it... We're using the URL filtering capabilities of the PA 2050 device and I have a policy defined that's based on an Active Directory user group to filter traffic. I'm not sure how I would go about doing this, any thoughs?
09-20-2010 10:20 AM
Its pretty basic, your going to create a rule that precedes your URL filtering rule. The rule will be from trust to untrust application will be "netflix" and action will be drop.
09-20-2010 08:38 AM
Have you considered allowing the URL but blocking the App?
I created a policy that allows the URL but blocks the "netflix" application and I am able to managem my queue but not watch streaming video's from the site.
09-20-2010 09:22 AM
That sounds very promising, you wouldn't happen to have some specifics on how to do this would you?
09-20-2010 10:20 AM
Its pretty basic, your going to create a rule that precedes your URL filtering rule. The rule will be from trust to untrust application will be "netflix" and action will be drop.
09-20-2010 01:15 PM
That worked perfectly, the queue management stuff works while the streaming part just dies. Thanks for the help!
02-03-2011 01:36 PM
Has Palo Alto changed the Netflix signature recently? In September we had blocked the application per Phil's suggestion earlier in this thread and people were able to login and manage their queue but couldn't view any movies. This morning, though, I wasn't able to login anymore. Thanks --
02-08-2011 06:40 AM
@cshep: you would have to review all of the release notes to see what has changed between each version of the content update to see if PAN engineering have updated any particular application signature(s).
A key question that should help you find the cause of your issue:
What log is showing Netflix browsing as "deny" or "block"?
If you see the block in either the "traffic" or "threat" logs then that would be due to either an application update or an antivirus update. If you see the block in the URL filtering log then it is your URL filtering profiles that need examination.
-benjamin
02-08-2011 08:03 AM
I would say looking at the logs should give you an indication of whats going on with the block. I have a handful or preset filters for looking at that kind of thing. I'm running 3.1.4 code with the latest app and threat updates and have just noticed I'm unable to get to the netflix.com queue. I can get to the sites front page however loggin in doesn't happen. When I look at the traffic log is see a deny for netflix based on the app, i don't see anything blocked in the URL log for netflix so it's definately the app. I'd have to look back as well but I'm guessing a app and threat update changed something.
11-22-2011 12:57 PM
Anyone found a solution for this? I am on 4.0.7 code and have been asked to do the same thing. I can either block the whole site or none of it.
11-22-2011 01:58 PM
Based upon my research there have been no recent updates to the Netflix application ID in our content updates.
If you require assistance resolving this issue I would suggest posting some screen shots of the traffic, URL filtering and threat logs to this thread so that we can do some detective work and find the root cause of the issue.
Thanks,
Benjamin
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
