Thread Info
  • State Suggested Answer
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 6 replies
  • Answers 1 answer
  • Subscribers 29 subscribers
  • Views 1648 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

HTTP Scanning issue

Steve Dugger

I have noticed along with others at my company that when HTTP(not HTTPS) scanning is enabled inside of a policy it essentially breaks the network. For instance with Pandora it would say buffering, then skip to the next song after about 5 seconds.  This would happen repeatedly and never actually play anything. Once HTTP scanning was turned off it started to work again. Any ideas?



This thread was automatically locked due to age.
Parents
  • 0

    This is just a thought since I have not configured to much of it but I would think that you would have to make an exclusion or exception for things like pandora and then secure them in web applications.

    Respectfully, 

     

    Badrobot

     

  • 0 in reply to Badrobot

    not a huge fan of that idea due to the small chance that lets say pandora gets breached and their site starts to host malware. The other reason is that potentially 100s of sites would need to be excluded from scanning and that just seems messy and defeats the purpose of HTTP scanning.

Reply
  • 0 in reply to Badrobot

    not a huge fan of that idea due to the small chance that lets say pandora gets breached and their site starts to host malware. The other reason is that potentially 100s of sites would need to be excluded from scanning and that just seems messy and defeats the purpose of HTTP scanning.

Children
  • 0 in reply to Steve Dugger

    It is also possible that a redirect on Pandoras end is getting blocked by some other web filter aspect or firewall rule, have you attempted to look in the log viewer and isolate the test computer and compare the logs against all other aspects?

    Respectfully, 

     

    Badrobot

     

  • 0 in reply to Badrobot

    i have not, however i have confirmed that unchecking HTTP scanning resolves the issue. I will take a look at the logs.

  • +1 in reply to Steve Dugger

    Hi,

    there is the ability to disable scanning on streaming media. There will not be an issue with this because streaming media is not run as an application and has no start or end.

    Ian

    XG115W - v19.5.1 mr-1 - Home

    If a post solves your question please use the 'Verify Answer' button.

  • 0 in reply to Steve Dugger

    I'm guessing this is not for all sites but a few? if so it's not usual for this to crop up - I handle them with a specific firewall rule for the destination domain with no HTTP scanning, this is the XG way of putting in a UTM SG type proxy exception (I'm assuming access to these sites is not a problem).

    I think it's just the filtering process is quite strict on the HTTP headers it will process, but that's just a guess on my part.

     

    Regards

Cookie Information Banner