Hi, We got a problem with one of the suppliers having a Fortinet FW regularly blocking our traffic because it is tagged as using QQ application, with specific blocking rule being the QQ_Sign.In We have no QQ IM appliaction on our end, we send only SMPP traffic towards the supplier and nothing else. We can't find the exact reason why the rule is triggered, can someone please share some more information on what is that specific rule looking for when filtering the traffic? Is it possible that the rule is triggered for specific SMS messages originating from Tencent?
This indicates an attempt to access QQ Instant Messenger.
https://www.fortiguard.com/appcontrol/12503
Can someone please share some more information on what is that specific rule looking for when filtering the traffic?
Fortinet’s applications detection capabilities are derived from mature data modeling created and maintained by FortiGuard Labs. The application control feature uses protocol decoders with signatures that analyze network traffic to detect application traffic, even if the traffic uses non-standard ports and protocols.
Is it possible that the rule is triggered for specific SMS messages originating from Tencent?
Yes.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1740 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.