Skip to main content
J
Staff & Editor
jordancueay1
Staff & Editor
October 1, 2024

Technical Tip: Blocking known applications using the application control profiles

  • October 1, 2024
  • 0 replies
  • 3331 views
Description This article describes how to block VoIP calls on WhatsApp and Telegram, and how to block the telegram application.
Scope FortiGate.
Solution

Blocking VoIP calls on Telegram.

 

Step 1: Go to Security profiles -> Application Control -> Create New.

 

foto.png

 

Step 2: Go to Application and Filter Overrides.

  • Select Create New.
  • On the search bar, write Telegram_VoIP.Call.

jordancueay1_0-1727750105413.png

 

Step 3: Select OK to save.

 

foto.png

 

Step 4: Select OK to save.

foto.png

 

Step 5: Apply the new profile on a firewall policy together with the SSL deep inspection profile.

foto.png

 

foto.png

 

Step 6: Make a call on Telegram.

 

Step 7: Check the logs.

 

foto.png

 

Blocking Telegram.

 

Step 1: Create an application profile under Security Profile -> Application Control -> Create new.

 

foto1.png

 

Step 2: Go to Application and Filter Overrides.

 

Select Create New and then, on the search bar, enter Telegram.

 

foto1.png

 

Step 3: Select OK to save.

 

foto1.png

 

Step 4: Select OK to create the new application control profile.

 

foto1.png

 

Step 5: Apply the Telegram application profile and deep inspection profile on a firewall policy.

 

foto.png

 

Step 6: Test the Telegram application.

 

foto.png

 

Telegram was blocked successfully, the application is in a loading state permanently.

 

Logs:

 

foto.png

 

Blocking WhatsApp VoIP calls.

 

Step 1: Create an application control profile using the WhatsApp object.

 

Security Profile -> Application Control -> Create New -> Application and Filter Overrides.

 
jordancueay1_8-1727750174207.png
 

Step 2: Select Create New and type WhatsApp on the search bar.

 

jordancueay1_1-1727750105797.png

 

Step 3: Select WhatsApp_Voip.Call and OK.

 

jordancueay1_2-1727750105821.png

 

Select OK again to save the new application control filter.

 

Step 4: Apply the filter on a Firewall policy.

 

jordancueay1_3-1727750105880.png

 

Apply the Application control profile together with a deep inspection profile.

 

Select OK to save.

 

jordancueay1_4-1727750105826.png

 

Step 5: Go to WhatsApp and make a call.

 

jordancueay1_5-1727750105799.png

 

The 'Call Failed' message in the chat windows indicates that the call was blocked successfully.

 

Step 6: Check the Security event logs for the results.

 

Log & Report -> Security Event -> Application control.

 

jordancueay1_6-1727750105800.png

 

jordancueay1_7-1727750105417.png

 

Example configuration in the CLI: 

 

To create Application and Filter Overrides: 

 

config application list
    edit "Voip block"
        config entries
            edit 1
                set application 50776
            next

            edit 2
                set application 40698
            next
        end
    next
end

 

Note: 50776 is the application ID for Telegram_VoIP.Call and 40698 the application ID for WhatsApp_VoIP.Call. To find the application ID, see Technical Tip: How to list the applications or categories and their corresponding number (ID) when configuring Application Control.

 

To apply the Application Control profile to a firewall policy:

 

config firewall policy
    edit <policy ID>
        set application-list "VoipAppsBlock"
    next
end
Terms & ConditionsAccessibility statement