Cybersecurity Forum

This forum is for all security enthusiasts to discuss Fortinet's latest & evolving technologies and to connect & network with peers in the cybersecurity hemisphere. Share and learn on a broad range of topics like best practices, use cases, integrations and more. For support specific questions/resources, please visit the Support Forum or the Knowledge Base.

Mohammedsalhi
New Contributor

Block incoming Teamviewer connections to internal IPs while allowing the outgoing ones

Dear Folks,

is it possible to use FortiGate Firewall to block incoming Teamviewer or anydesk connections to internal IPs, while allowing the outgoing ones? I cannot find a specific answer on any online resources.

Internal Users are allowed to use Anydesk for example to support users outside the company, while it is not allowed for anyone from outside the company to access the internal computers.

Thank you
1 REPLY 1
saleha
Staff
Staff

Hello Mohammedsalhi,

 

Thank you for reaching out. You can block anydesk and Teamviewer traffic from outside to internal network by using internet service object as the destination. These address objects are located in the fortigate ISDB and if your fortigate have an active ISDB license the address objects will be updated regularly with the periodic fortiguard updates. Makes sure of the direction of the traffic you are blocking on the firewall policy as you mentioned you do wnat users to be allowed used the same tools on the outgoing direction. for reference on how to achieve this task, please follow the steps from the below links:

https://community.fortinet.com/t5/FortiGate/Technical-Tip-Block-Anydesk-using-ISDB/ta-p/230760

https://community.fortinet.com/t5/FortiGate/Technical-Tip-Block-TeamViewer-using-the-ISDB-firewall-p...

 

Thank you,

saleha