04-27-2017 12:51 PM - edited 03-12-2019 06:22 AM
i do a rule for block facebook video in the window de application control and with action of block with reset but when i open facebook continue showing the videos, the version of sensor3d is the 6.2
how can block the videos the facebook?
Best Regards
Ricardo Puga
04-27-2017 07:40 PM
Since Facebook video (and other Facebook micro apps) is delivered via https, you need a decryption policy to open the full URI for AVC to be effective with Facebook and other similar sites/applications.
A decryption policy requires the IPS to be a "man in the middle" and it must therefore have a certificate that is trusted by all of your end users - i.e., via establishment of an enterprise PKI.
04-27-2017 07:53 PM
Hi Marvin
Thanks for the answer, tomorrow in an webex i will do the configuration
regards
Ricardo Puga
04-28-2017 12:17 AM
Hello Ricardo,
Refer the following link to configure the SSL policy .
http://www.cisco.com/c/en/us/support/docs/security/firesight-management-center/200202-Configuration-of-an-SSL-Inspection-Polic.html
Also you have to disable the http2 traffic from the site since we have some issues with that .
Regards
Jetsy
08-11-2017 06:27 AM
Ihave the same problem. Can you solve the Issue?
04-28-2017 06:26 PM
hi, today i was do the configuration the policies SSL with an certificate self signed for the Firepower but don't works
i do a policy SSL with decrypt resign and in the application was put : facebook video and facebook, when opened the chrome shows the certificate self signed this is correct, but not block the facebook videos
after i do other policy SSL for what facebook videos with the action: block with reset and one policy SSL for facebook aplication with action: Decrypt Resign, but not blocked it
the last try were do a policy of application control with the application : facebook comment, like, video but all not working
i attach the images of the configuration
04-28-2017 07:41 PM
Try using the SSL Policy with the Decrypt and Resign only as you have shown in your one example.
Then reference that SSL Policy in your Access Control Policy (ACP). It's in the ACP where you should have a rule to Block with Reset.
Something like this:
05-02-2017 12:29 PM
Hi Marvin
i did a policy SSL that Decrypt and Resign the application Facebook and in the ACP, i did an rule that block and reset the application Facebook Video, but not works
i attach images of the rules and logs of the connections
i hope that i yelpme
Regards
05-02-2017 09:18 PM
The way you have it now should be correct to my understanding.
Is it possible to open a TAC case to look at it in real time?
06-12-2017 02:35 PM
Hi Marvin,
Regarding this matter, is it possible to block any video posted in your FB wall using this FB micro app? or should it be possible only with videos sourced from FB?
Thanks in advanced
08-15-2023 12:45 PM
Hi Marvin, Thank you in advance for your expert guidance. It is always helpful. Florida has passed HB379, which prohibits students in k-12 from accessing social media on school networks. The issue is blocking social media apps on personally owned-mobile devices. I have an ACP rule blocking social media apps, but traffic still flows from that source. So I want to confirm that to block access to Facebook from devices using the mobile app, I need a decryption policy, then the app blocking feature will function. Is this correct? Also, will a SSL inspection / decryption create performance degredation ? I am using a pair of FTD 4125 in HA config.
08-16-2023 01:10 AM