Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
fran1942
New Contributor

Application control user agent ?

Hello, for example, I am blocking Teamviewer traffic via Application Control however I have noticed that simply web browsing to teamviewer.com is also blocked via this Application Control.

Is there any way to only block actual Teamviewer installations attempting to connect to Teamviewer servers i.e. I am not concerned about people simply web browsing to Teamviewer.com.

Perhaps it can be differentiated by user agent somehow i.e. block user agent 'teamviewer application' but allow user agent 'web browser' ?

 

Thank you kindly.

1 REPLY 1
hmtay_FTNT
Staff
Staff

Hello fran,

 

Yes, it is possible to do so. With a custom application control signature to whitelist ".teamviewer.com", you can allow the web page and block the connection protocol. 

 

Try adding this custom application control signature and set it to Monitor. I am providing you with the latest IPS Engine that supports whitelisting for custom signature.

 

F-SBID( --name "TeamViewer.Webpage_Custom";  --protocol tcp; --service SSL; --pattern "teamviewer."; --context host; --no_case; --app_cat 12; --weight 100; ) 

Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors