SRX Services Gateway
Contributor
arslan.nawaz@iacgrp.com
Posts: 47
Registered: ‎04-06-2011

AppSecure - Bypass Proxy Sites

I configured the App-FW feature on an SRX-210H. I am able to block Facebook; however, with proxy-bypass sites I can still open Facebook. How can I block Facebook when it is opened through proxy bypass sites? I want to do this with the SRX App-FW feature.

Arslan
Distinguished Expert
MMcD
Posts: 637
Registered: ‎07-20-2010

Re: AppSecure - Bypass Proxy Sites

I'm not sure how you would do this, but creating a block list of all the proxy websites out there is maybe a good start:

http://newproxysites.org

http://300allpctips.blogspot.com/2009/02/top-200-proxy-sites-list.html

MMcD [JNCIP-SEC, JNCIS-ENT, CCNA, MCP]
____________________________________________________

[Please Mark My Solution Accepted if it Helped, Kudos are Appreciated Too]
Contributor
arslan.nawaz@iacgrp.com
Posts: 47
Registered: ‎04-06-2011

Re: AppSecure - Bypass Proxy Sites

Thanks, MMcD, for the reply.

I can block all the proxy bypass sites with UTM on branch-end devices. However, I want to do this with the App-FW (AppSecure) feature (suppose I want to do this on high-end FWs where UTM support is not available).

Juniper provides a default list of apps within the App-FW configuration. I block GMAIL via App-Firewall (junos:GMAIL), but GMAIL still opens via proxy bypass sites (e.g. proxybypass.com).

set security application-firewall rule-sets Block-Apps rule Rule-1 match dynamic-application junos:GMAIL
set security application-firewall rule-sets Block-Apps rule Rule-1 then deny
set security application-firewall rule-sets Block-Apps default-rule permit

 

set security policies from-zone trust to-zone untrust policy trust-to-untrust match source-address any
set security policies from-zone trust to-zone untrust policy trust-to-untrust match destination-address any
set security policies from-zone trust to-zone untrust policy trust-to-untrust match application any
set security policies from-zone trust to-zone untrust policy trust-to-untrust then permit application-services application-firewall rule-set Block-Apps

 

Can I restrict this so users can't open these apps via proxy bypass sites? I want to do this with the App-FW feature.

Regards

Arslan
Juniper Employee
Linus
Posts: 44
Registered: ‎05-12-2011

Re: AppSecure - Bypass Proxy Sites

You can try adding one rule to block junos:PROXYDOTORG.

Copyright© 1999-2013 Juniper Networks, Inc. All rights reserved.