04-05-2018 06:10 AM - edited 03-08-2019 05:47 PM
Solved! Go to Solution.
04-05-2018 06:40 AM
Hi Saquib,
You would require SSL decryption policy on the SFR so SFR can decrypt the traffic and then block "Skype file transfer" application using application control.
SSL policy is must as once traffic is encrypted, firepower or no other device for that matter can see the traffic and apply any restriction.
When you apply SSL policy, you might want to try it in off-production hours first as SSL takes huge amount of resources and can cause performance issues if the device is already being utilized to its full capacity.
Here is the article for SSL policy. You need decrypt-resign rule.
Hope it helps,
yogesh
04-05-2018 06:40 AM
Hi Saquib,
You would require SSL decryption policy on the SFR so SFR can decrypt the traffic and then block "Skype file transfer" application using application control.
SSL policy is must as once traffic is encrypted, firepower or no other device for that matter can see the traffic and apply any restriction.
When you apply SSL policy, you might want to try it in off-production hours first as SSL takes huge amount of resources and can cause performance issues if the device is already being utilized to its full capacity.
Here is the article for SSL policy. You need decrypt-resign rule.
Hope it helps,
yogesh
04-05-2018 07:23 AM
04-05-2018 09:52 AM
Hi
Yes that's the only way through SFR.
Thanks
Yogesh
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide