Enabling HTTPS Inspection causes remote applications to block automatically

From Secure Web Gateway
Share/Save/Bookmark
Jump to: navigation, search

Overview

Remote applications like Remote desktop application, Download managers, etc.(Anydesk and Teamviewer ) should get automatically block if HTTPS inspection is enabled. No need to configure any policy for blocking purpose.

Access Remote Desktop Applications Through SafeSquid 

Prerequisites

HTTPS Inspection should be enabled on SafeSquid. If it is disabled, check our document - How to configure HTTPS inspection 

Remote applications like Anydesk and Teamviewer should block automatically if HTTPS inspection is enabled. No need to configure any policy for blocking purpose.

Note:

It has been observed that Remote applications like Anydesk and Teamviewer get access to internet if not blocked by firewall. To control these type of Remote applications via SafeSquid proxy (Secure web gateway) you should first block it on the firewall.

Configuration on Remote applications

 
  • Set proxy settings on Anydesk application.
  • If authentication is enabled you have to specify Username and Password on Anydesk application.
  • Anydesk should not take auto proxy settings : If you set proxy in IE browser or chrome browser and you select "Try to detect the proxy server" option on anydesk, it should not take proxy automatically. You must have to configure proxy on anydesk application.
 
After doing above configuration you should restrict  
  • Restrict Ammy admin
  • Restrict Team viewer
  • Restrict Webex
  • Restrict Splashtop
  • Restrict Anydesk
 

Note: To block single application from above list please refer link Restrict Anydesk

Follow link to Allow remote applications for particular users 

How to create policy without Application Signature

  • If application is not categorized under default Application Signatures, find User-agent using SafeSquid's extended logs or any other traffic capturing tool.
  • Add that User-agent or hostname of websites under Custom Setting > Request Types section.
  • Bind that created user group and Request Type in Access Profile section and specify the action as per the requirement.