04-05-2018 06:10 AM - edited 03-08-2019 05:47 PM
Solved! Go to Solution.
04-05-2018 06:40 AM
Hi Saquib,
You would require SSL decryption policy on the SFR so SFR can decrypt the traffic and then block "Skype file transfer" application using application control.
SSL policy is must as once traffic is encrypted, firepower or no other device for that matter can see the traffic and apply any restriction.
When you apply SSL policy, you might want to try it in off-production hours first as SSL takes huge amount of resources and can cause performance issues if the device is already being utilized to its full capacity.
Here is the article for SSL policy. You need decrypt-resign rule.
Hope it helps,
yogesh
04-05-2018 06:40 AM
Hi Saquib,
You would require SSL decryption policy on the SFR so SFR can decrypt the traffic and then block "Skype file transfer" application using application control.
SSL policy is must as once traffic is encrypted, firepower or no other device for that matter can see the traffic and apply any restriction.
When you apply SSL policy, you might want to try it in off-production hours first as SSL takes huge amount of resources and can cause performance issues if the device is already being utilized to its full capacity.
Here is the article for SSL policy. You need decrypt-resign rule.
Hope it helps,
yogesh
04-05-2018 07:23 AM
04-05-2018 09:52 AM
Hi
Yes that's the only way through SFR.
Thanks
Yogesh
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: