We'd love to hear about it! Click here to go to the product suggestion community
I have receive A task from my boss.
Allow some computer can only using Zalo app to communicate with customer. Another is block.
Default we was block computer access internet.
So, how can do it ?
We using sg 330 utm 9
You need to start by finding out how the Zalo app behaves. Vendor nay have some info, UTM logs will help also.
Chào Duc Khanh and welcome to the UTM Community!
Another thing that might be interesting would be to see if there's a traffic signature that would allow you to use Application Control. On the Dashboard, click on the box to the right of the Interface where your device is located. This will bring up the Flow Monitor. Start Zalo and click on application names to get more information. Do the same with the numbers in the Client column. Any luck with that?
Cheers - Bob
In reply to BAlfson:
I was check in flow monitor and find zalo but result is 0/0.
another like skype, facebook, teamviewer.. it can show, but zalo is no show.
In reply to nguyen duc khanh1:
If you are considering a switch to XG Firewall, this article describes out to block Zalo and CC browser using XG Security and Sophos Endpoint working together
I also tried to check the vendor website, but I don't read Vietnamese.
Most applications like this use https on port 443 for initialization, then other ports for other purposes, all outbound. Control can probably be achieved with web filtering using these strategies:
Block normal users using just web filtering
Prevent the software from being installed:
Prevent the software from being used:
Allow special users:
The other ports will require some research. XMPP is a multi-vendor protocol for chat, and it runs on TCP 5222 and TCP 5223, but Zalo may use its own protocol. These other ports will probably be controlled by firewall rules, where you do not have restrictions based on username (unless you are using STAS for authenticating internal users to Web Filtering). You could control these ports using firewall rules that block or allow based on source IP address, if your special users have dedicated IP addresses.
I have written a lot on web filter configuration and log analysis. Start with the articles in the Wiki section, then proceed to the articles that are pinned to the top of the web filtering section.
But the key is to understand what ports the application users.