Application control - exception
Hello to the community.
This is my first post.
I am facing the following issue (I have tried various configs, according to my know-how).
On my HTTP & HTTPS policies, where all office clients' traffic is routed, I apply Proxy Action & Application Control. On AppCtrl, on the category File Sharing Services & Tools, I use DROP on Web File Transfer. This produces 2 issues, as I have noticed.
- Mozilla Firefox is trying to update via download.cdn.mozilla.net, which produces "heavy traffic" on the line and extreme download sizes to the client for a great amount of time.
e.g. for a specific client, for 12 hours, Mozilla Firefox was trying to be updated by contacting the update service. The traffic that was logged by the LogServer was 47GB for domain mozilla.net. When I set ALLOW on the Web File Transfer, the update performed rapidly and the traffic towards download.cdn.mozilla.net stopped, as well as the consumption of bandwidth. (I have the report from LOGSERVER).
The update process of Mozilla was ALLOWED BY PROXIES BUT DROPPED BY the APPCONTROL
Allowed,2019-11-07 12:04:53,HTTP-proxy_LAN-00,download.mozilla.org,/?product=firefox-70.0.1-partial-70.0&os=win&lang=el
Allowed,2019-11-07 12:04:57,HTTP-proxy_LAN-00,download.cdn.mozilla.net,/pub/firefox/releases/70.0.1/update/win32/el/firefox-70.0-70.0.1.partial.mar
- Microsoft updates are not downloaded by clients due to DROP action on Web File Transfer.
Is there a way to create some exceptions for specific domains to bypass the Web File Transfer DROP rule?
Thank you
Best Answer
You would need to add new HTTP & HTTPS policies From: the desired domain names, with App Control not enabled or with an App Control action which does not include DROP on Web File Transfer.
Make sure that the new policies are above the existing policies so that they will be evaluated first.
Answers
Bruce
Thank you very much for the accurate response. I created an alias to include all domains (e.g. *microsoft) which require automatic updates.
Thanks again.
Michael