Options

Feature Request for a new WebBlocker Category

amccannamccann
in Firebox - Product Enhancements

I would like to see a new WebBlocker category for RMMs.

It would be useful to have a category for blocking/unblocking all known RMMs. With the hacks of RMMs and the power a hacker would have over systems when an RMM is hacked, it would be nice to categorically block all known RMMs and allow just the one(s) we want to allow.

Comments

  • Options
    james.carsonjames.carson Moderator, WatchGuard Representative

    Hi @amccann
    For applications like RMMs, I would suggest looking into Application Control. Many of the common systems (anyconnect, goto, teamviewer) are available as actions that can be applied to policies.

    -James Carson
    WatchGuard Customer Support

  • Options
    amccannamccann

    While I do see those applications in there and agree that application control is a better place, those are more of a remote desktop type of application. I am looking specifically at companies that are RMM (Remote Monitoring and Management). Companies such as Kaseya, Connectwise, Atera, Ninja, Syncro, Datto, N-Able, etc...

    We can look at past vulnerabilities in some of the above-mentioned systems and see where a block to/from any of the url's associated with the systems would have been beneficial in securing our environments.

  • Options
    james.carsonjames.carson Moderator, WatchGuard Representative

    Hi @amccann I'm happy to make the request, but please understand that the categories are based off of Forcepoint's Websense product. If you are looking to deny these sites via webblocker, a manual exception for each of these sites may be the best way for the time being.

    -James Carson
    WatchGuard Customer Support

Sign In to comment.