Hi Guys,
Does anyone know how to totally blocked Psiphon? I already raised this issue to Sophos XG support, He sets ips maxpkts, QUIC, port blocking, etc. but still it bypasses the blocking. I have this issue for almost a year but until now it seems there is no solution even upgrading to the latest firmware. On the other UTM/NGFW brand/devices they can blocked Psiphon. I hope this issue soon be resolved.
Jesen
I was able to blocked Psiphon and other proxy tunneling apps by following the instruction on the KB you have sent me. My only concern is that I need to install the SSL CA Certificate on each Device/Browser so the policy would take effect or else I cannot browse anything. (once I enable decryption and HTTPS scanning)
My question is that, did anyone of you tried to block Psiphon using the IPS pattern? TIA.
Hi Jesen Sodela Please refer the article to push certificate to the user- https://community.sophos.com/kb/en-us/42153
Regards,
KeyurCommunity Support Engineer | Sophos Support Sophos Support Videos | Knowledge Base | @SophosSupport | Sign up for SMS Alerts | If a post solves your question use the 'This helped me' link
Hi Keyur,
Thanks for the link, actually I am thinking of push installation using active directory but this is only possible for PCs. How about mobile phones or EU that has no AD? Back to my question, Have you tried to create or block Psiphon using IPS custom signature/pattern?