Security

IMPORTANT MODERATION NOTICE

This community is currently under full moderation, meaning  all posts will be reviewed before appearing in the community. Please expect a brief delay—there is no need to post multiple times. If your post is rejected, you'll receive an email outlining the reason(s). We've implemented full moderation to control spam. Thank you for your patience and participation.



  • 1.  Juniper SRX300 - Block file transfer app WhatsApp browser

    Posted 02-04-2021 21:52
    Hello everyone, everything good ? I have a problem and I need help. I need to allow access to the whatsapp web application or via browser. However, I need to block the file transfer. Users will only exchange messages. Today I have the Juniper SRX300 is it possible?

    ------------------------------
    Leandro Gomes
    ------------------------------


  • 2.  RE: Juniper SRX300 - Block file transfer app WhatsApp browser

    Posted 02-07-2021 06:59
    Only way to do this would be to do ssl forward proxy and do you own manual AppID signatures to differentiate Whatapp messages or file transfers.

    Doing ssl forward-proxy has many complications with importing the SRX's trusted root CA so the firewall can look at the content of the traffic. Secondly there is the massive performance impact. My best guess is that a SRX300 can handle no more than 10 Mbps of SSL/TLS encapsulation before running out of available CPU ressources.

    ..and then come you have to manually do an AppID signature to block file transfers (meaning you need to analyze the datastream and figure out what you should trigger on). That is a task for itself on top.

    So - basically: I don't see any feasible way of doing this on a SRX300, except if you block whatsapp completely via AppID.

    ------------------------------
    JONAS HAUGE KLINGENBERG
    ------------------------------



  • 3.  RE: Juniper SRX300 - Block file transfer app WhatsApp browser

    Posted 02-08-2021 08:06
    Hi Jonas, how are you? I understand your argument, thank you very much for your help. As your guidance I will leave you blocked completely. Thank you very much.

    ------------------------------
    Leandro Gomes
    ------------------------------



  • 4.  RE: Juniper SRX300 - Block file transfer app WhatsApp browser

    Posted 03-01-2021 10:08
    Hi Leandro,

    We're in the process of adding granular WhatsApp support as micro-applications in a coming signature pack. Once these are available, you will be able to block file-transfers within WhatsApp while leaving voice/video/chat alone.

    Stay tuned,

    ------------------------------
    Craig Dods
    ------------------------------