Application Control - "LinkedIn_Message" - Not blocking messaging

sam_astute · ‎07-02-2018

Hi All,

First time posting here so please be gentle!

I'm trying to block my users from being able to use LinkedIn messaging, I've created a policy with Application Control set to block the following Application Signatures:

LinkedIn_File.Download

LinkedIn_File.Upload

LinkedIn_Message

LinkedIn_Post

In Fortiview, it is showing that sessions for LinkedIn_Message are being blocked, but the messages are not being blocked, and users are able to send as normal.

I wonder if I'm missing something here?

If anyone has any ideas, please let me know :)

RyanYap_FTNT · ‎07-17-2018

Give this custom signature a try!

F-SBID( --name "LinkedIn.Message_Custom"; --protocol tcp; --app_cat 23; --service HTTP; --flow from_client; --pattern "/voyagerMessaging"; --no_case; --context uri; --pattern ".linkedin.com"; --no_case; --context host; --weight 20; )

RyanYap_FTNT · ‎07-17-2018

Give this custom app control signature a try!

F-SBID( --attack_id 5846; --name "LinkedIn_Message_Custom"; --protocol tcp; --app_cat 23; --service HTTP; --flow from_client; --pattern "/voyagerMessaging"; --no_case; --context uri; --pattern ".linkedin.com"; --no_case; --context host; --weight 20; )

Application Control - "LinkedIn_Message" - Not blocking messaging

Nominate a Forum Post for Knowledge Article Creation