1. The purpose of
As you know, gambling during working hours is difficult to accept because it distracts employees from their work and also affects the throughput of the system.
Today, companies often use firewalls to prevent gambling, but modern firewalls can only detect and block a few known games.
So how do you block access to games that are not detected by the firewall? In today’s article we explain how to identify and block any game application on a Palo Alto firewall device.
As you can see in the network diagram, the Internet connection is configured on port 1 and the LAN area on port 3, with network layer 172.16.16.0/24, and a telephone device is connected to the access point configured by the gateway device, the gateway mode is on port 3 and the telephone device has received the IP 172.16.16.64.
In this article this mobile phone is used to play DragonSky, and the Palo Alto firewall is used to detect and implement a blocked game in this game.
4. What should I do?
- Set the IP and port used by the game
- Enter a policy to exit the game
5.1 Define the IP and port used by.
First we will use the phone with IP 172.16.16.64 to play DragonSky.
Then we check the Palo Alto device log under Monitor> Logs> Traffic.
We’ll see that the phone book appears. To avoid confusion with other devices, we click the IP address 172.16.16.64 to filter only the traffic coming from this IP.
After filtering, we carry out an analysis and establish that the traffic to which it is connected is in Singapore.
We therefore assume that the servers for this DragonSky game are in Singapore.
We will create a policy to block all IP addresses coming from Singapore to determine if it is a game server in Singapore.
To create a policy> Security> Click Add and configure the following information.
- Name: Block_DragonSky
- Type of control: universal (standard)
Source Tab :
- Source zone : Select the LAN
- Source address : Press Add to IP Type 172.16.16.64
- Target area : WAN
- Destination address : Click Add to enter SG in the window and select SG (Singapore).
Action Tab :
- Action! Action! action! action! action! action! action! action! action! action! action! action! Select the depot
- Setting up the logbook : Select Log at the end of the session
As soon as the policy blocks Singapore IP addresses, we go back to the phone screen to see if the game has lost connectivity.
And as you can see, the game has lost its connection.
In the next step we have to go back to see the protocol of this device in Palo Alto, and we can see the blocked IP addresses of the destination, followed by the port and also the protocol.
We need to save this information in an Excel file as follows.
Once we have captured all the information we need, we return to DragonSky’s blocking policy and enter the IP addresses we have captured in the Excel file.
Then we need to enter additional ports in the Services tab. To import them, click the Services tab, click Add, and then select New Service.
The Service table appears, you must enter a name for the service and enter a port in the Destination port field.
When you’re done, click OK to save.
After entering all collected IP addresses and ports, you will return to the phone screen for verification.
And as you can see, the game is still unavailable, which means that we have correctly identified the IP servers the game connects to and the ports it uses.
We hope this article will help administrators to manage users’ access to the Internet, making the system easier to use.
YOU MIGHT ALSO BE INTERESTED IN
palo alto application exception,block anydesk palo alto,palo alto block cloud storage,palo alto block vpn traffic,how to block mobile legends in palo alto,palo alto wechat,palo alto block bittorrent,palo alto block high risk application,palo alto: "allow application",palo alto application list,palo alto block url,palo alto application override smb,single pass parallel processing,palo alto app-id,content-id in palo alto,firewall cx palo alto,palo alto software free download,cfg fail conn-on-cert,palo alto sub zones,palo alto image,palo alto application filtering best practices,palo alto applications to block,palo alto application filtering categories,palo alto block streaming video,palo alto blocking applications