Feature Request for a new WebBlocker Category
I would like to see a new WebBlocker category for RMMs.
It would be useful to have a category for blocking/unblocking all known RMMs. With the hacks of RMMs and the power a hacker would have over systems when an RMM is hacked, it would be nice to categorically block all known RMMs and allow just the one(s) we want to allow.
0
Sign In to comment.
Comments
Hi @amccann
For applications like RMMs, I would suggest looking into Application Control. Many of the common systems (anyconnect, goto, teamviewer) are available as actions that can be applied to policies.
-James Carson
WatchGuard Customer Support
While I do see those applications in there and agree that application control is a better place, those are more of a remote desktop type of application. I am looking specifically at companies that are RMM (Remote Monitoring and Management). Companies such as Kaseya, Connectwise, Atera, Ninja, Syncro, Datto, N-Able, etc...
We can look at past vulnerabilities in some of the above-mentioned systems and see where a block to/from any of the url's associated with the systems would have been beneficial in securing our environments.
Hi @amccann I'm happy to make the request, but please understand that the categories are based off of Forcepoint's Websense product. If you are looking to deny these sites via webblocker, a manual exception for each of these sites may be the best way for the time being.
-James Carson
WatchGuard Customer Support