This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Unclassified Traffic

I have some Mobile users, who continuously communicate with clients via Whatsapp and Zoom Application,and i allowed them to use Default web filter policy. I noticed my firewall logs shows there is lot of bandwidth coming from these mobile users, somehow i figured out some of them using proxy apps to bypass the firewall. from Flow monitor their IP shows in Unclassified traffic and there is no Block or shape the traffic. Kindly help me to resolve this issue.

This thread was automatically locked due to age.

Top Replies

feroz syed over 4 years ago in reply to DouglasFoster +1 suggested

just noticed those host are present in Application skip list.

Parents

0 DouglasFoster over 4 years ago

I do not think that we have enough information about your configuration. Some general observations:

1) With HTTPS Inspection OFF, UTM only sees the host name, and can only allow or block the initial connection.

2) Traffic that is handled by the Web Proxy will bypass the Firewall Rules. This is a unique aspect of the UTM architecture.

3) Traffic that is inside a WhatsApp VPN tunnel will not be visible to the UTM WebFilter.
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 DouglasFoster over 4 years ago

I do not think that we have enough information about your configuration. Some general observations:

1) With HTTPS Inspection OFF, UTM only sees the host name, and can only allow or block the initial connection.

2) Traffic that is handled by the Web Proxy will bypass the Firewall Rules. This is a unique aspect of the UTM architecture.

3) Traffic that is inside a WhatsApp VPN tunnel will not be visible to the UTM WebFilter.
Cancel
Vote Up 0 Vote Down

Cancel

Children

0 feroz syed over 4 years ago in reply to DouglasFoster

just noticed those host are present in Application skip list.
Cancel
Vote Up +1 Vote Down

Cancel