How to Allow an App But Block a "Depends On?"

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

How to Allow an App But Block a "Depends On?"

L2 Linker

From what I understand, you need to explicitly allow "depends on" apps for a given app to work,

 

https://live.paloaltonetworks.com/t5/Management-Articles/How-to-Check-if-an-Application-Needs-Explic...

 

However, what if I want to only allow the "child" application, but not the parent?

 

My example is "logmein." We explicitly block it since it violates policies to have employees to set up their own remote access into our network. However, Microsoft uses LogMeIn as a support tool. I think that functionality is the "logmeinrescue" application.

 

So how can I set up my security policy to allow logmeinrescue, but not allow generic logmein? I'm not sure if it is possible.

2 REPLIES 2

Cyber Elite
Cyber Elite

If some app depends on other then both have to be permitted.

For example when you go to google-translate then web-browsing application is first detected and then later on application shift happens and application will turn to google-translate.

If you would block web-browsing then you could never get to google-translate and you could not use it.

Maybe someone has better idea but of the top of my head I would give few.

- Have limited number of people who you give logmein permission (maybe helpdesk).

- Limit logmein during working hours only (then users can't log into computer when they go home after work)

- Set up continue page for logmein so persons would have to click continue button manually on fw response page (or know overide password).

- Set up Group Policy to log off inactive users. So when users go home their workstations log off. And create Firewall policy that blocks unauthorized users to access internet (maybe only software-update sites).

- Set up reporting and punish non behaving users 🙂

 

 

Enterprise Architect, Security @ Cloud Carib Ltd
Palo Alto Networks certified from 2011

According to my experience some of the applications work even if you have some applications which they depend on blocked. So it might be worth to try it without those apps and see how it goes. 

  • 2961 Views
  • 2 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!