Article Applies To:

SonicWALL Security Appliance Platforms:

Gen5: NSA E8500, NSA E7500, NSA E6500, NSA E5500, NSA 5000, NSA 4500, NSA 3500, NSA 2400, NSA 240
Gen5 TZ Series: TZ210, TZ210W, TZ 200, TZ200W, TZ100, TZ100W
Firmware/Software Version: SonicOS Enhanced 5.8.0.1 and above

Services: App Control Advanced


Description:

This article describes how to block access to proxy websites using the SonicWALL App Control Advanced feature. 


Procedure:

The SonicWALL App Control Advanced feature contains numerous signatures to block access to proxy websites. Access can be restricted or blocked in the following three ways:

  • Block by Category: This is a global setting blocking access to all proxy websites.
  • Block by Application: In this method, particular proxy sites can be blocked by name.
  • Block by Signatures: Using this method individual signatures for each site can be blocked.

Blocking the Category Proxy Access:

  • Login to the SonicWALL Mangement GUI.
  • Navigate to the Firewall > App Control Advanced page. In Gen5 TZ devices this page is under Security Services > App Control
  • Check the box under Enable App Control  and click on the Accept button at the top to enable App Control.
  • Under App Control Advanced > View Style select PROXY-ACCESS under Category
  • Click on the configure button.
  • In the Edit App Control Category window, select Enable under Block and Log fields.
  • Click on OK to save.

Blocking an individual proxy website:

  • Under App Control Advanced > View Style > Application, select a proxy website you wish to block. (In this example Kproxy)
  • Click on the configure button.
  • In the Edit App Control Application window, select Enable under Block and Log fields.
  • Click on OK to save.

Blocking a signature for a proxy website:

  • Under App Control Advanced > View Style > Application, select a proxy website you wish to block (in this example Vtunnel).
  • Set Viewed By to Signature
  • Listed below would be signatures for the website you have selected under Application.
  • Click on the configure button on any one of the signatures you wish to block.
  • In the Edit App Control Signature window, select Enable under Block and Log fields.
  • Click on OK to save.




Testing

When accessing a proxy website earmarked for blocking, the following messages will be logged under Log > View, depending on the signature you have selected for blocking: