Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 1 reply
  • Subscribers 4 subscribers
  • Views 3744 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

[9.260][BUG] Http Proxy - Transparent SSL Decryption breaks AppControl for https based Apps

UmbrellaCorp
Hi Everybody,

we have tested the application control under the actual beta version and found out that it is not able to control applications that are using https such as Youtube or Facebook in case the transparent proxy is being used with full https decryption. This can be fixed by the following and the https based Apps can be controlled (blocked or QoS`ed) again:
1) disable the proxy or disable full https decryption for the transparent proxy
2) change the proxy to standard mode with https decryption active
3) Change the browser settings to SSL version 2 instead of version 3 (tested with IE only)

It seams the transparent proxy`s full SSL decryption is not handling SSL 3 encryption properly or is somehow bypassing the AppControl Engine in case full https decryption is being used. All that applies to the transparent proxy only as described before.

Best Regards!


This thread was automatically locked due to age.
Parents
  • 0

    -= Manually added post that could not be migrated =-

    mlenk mlenk is offline

    Member

    Join Date: Mar 2010

    Posts: 431

    #11 (permalink)  

    Old 10-29-2014, 08:49 AM

    Default

    Hi,

    There will be more Application Control related fixes in the next UTM beta release 9.275 (tracked as Mantis #33519). Please stay tuned...

    Best regards,
    mlenk

    Astaro Beta Bot 

    Wizard

    Join Date: Jun 2009

    Posts: 3,299

    #12 (permalink)  

    Old 10-29-2014, 08:50 AM

    Default

    Thanks for reporting. We are now tracking this as Mantis ID #33519

    Astaro Beta Bot Astaro Beta Bot is offline

    Wizard

    Join Date: Jun 2009

    Posts: 3,299

    #13 (permalink)  

    Old 10-29-2014, 09:00 AM

    Default

    We are planning to release a fix for this issue in Version 9.275.

    Astaro Beta Bot Astaro Beta Bot is offline

    Wizard

    Join Date: Jun 2009

    Posts: 3,299

    #14 (permalink)  

    Old 11-10-2014, 03:15 PM

    Default

    The Mantis ID #33519 is now closed.
Reply
  • 0

    -= Manually added post that could not be migrated =-

    mlenk mlenk is offline

    Member

    Join Date: Mar 2010

    Posts: 431

    #11 (permalink)  

    Old 10-29-2014, 08:49 AM

    Default

    Hi,

    There will be more Application Control related fixes in the next UTM beta release 9.275 (tracked as Mantis #33519). Please stay tuned...

    Best regards,
    mlenk

    Astaro Beta Bot 

    Wizard

    Join Date: Jun 2009

    Posts: 3,299

    #12 (permalink)  

    Old 10-29-2014, 08:50 AM

    Default

    Thanks for reporting. We are now tracking this as Mantis ID #33519

    Astaro Beta Bot Astaro Beta Bot is offline

    Wizard

    Join Date: Jun 2009

    Posts: 3,299

    #13 (permalink)  

    Old 10-29-2014, 09:00 AM

    Default

    We are planning to release a fix for this issue in Version 9.275.

    Astaro Beta Bot Astaro Beta Bot is offline

    Wizard

    Join Date: Jun 2009

    Posts: 3,299

    #14 (permalink)  

    Old 11-10-2014, 03:15 PM

    Default

    The Mantis ID #33519 is now closed.
Children
No Data