UTM - How to Block HTTPS access to Gmail using SSL Control

http://www.fuzeqna.com/sonicwallkb/consumer/kbdetail.asp?kbid=7564[14/01/2011 6:25:12 PM]

Home


E-mail Print Subscribe ? Related Bookmark
Search
View all items in: UTM/Firewall/VPN > Configuration
Rating: 6.00 out of 10 (1 Rating)
Question/Topic
UTM - How to Block HTTPS access to Gmail using SSL Control
Answer/Article
Article Applies To:
Affected SonicWALL Security Appliance Platforms:
Gen5: NSA E7500, NSA E6500, NSA E5500, NSA 5000, NSA 4500, NSA 3500, NSA 2400, NSA 240
Gen5 TZ Series: TZ 100, TZ 100 Wireless, TZ 200, TZ 200 W, TZ 210, TZ 210 Wireless,
Gen4: PRO series: PRO 5060, PRO 4100, PRO 4060,PRO 3060, PRO 2040, PRO 1260
Gen4: TZ series: TZ 190, TZ 190 W, TZ 180, TZ 180 W, TZ 170, TZ 170 W, TZ 170 SP, TZ 170 SP Wireless,
Firmware/Software Version: Sonic OS Enhanced 4.0 and above versions.
Services: SSL Control
Feature/Application:
SSL Control provides visibility into the handshake of Secure Socket Layer (SSL) sessions, and a method for configuring policies to control
the establishment of SSL sessions. One of the main features of SSL control is to provide a way to specify which HTTPS certificates to
block.
This article describes how to block access to https://www.gmail.com using SSL Control from the LAN zone. Using this method would block
all websites with the Common Name (CN) www.google.com.
Procedure:
Step 1. Login to the Sonicwall Management interface
Step 2. Navigate to the Network> Zones page and click on edit on the LAN zone.
Step 3. Check the SSL Control check-box to enable it in the LAN Zone. This will affect all LAN users since SSL Control is enabled for LAN
zone.
Rate
UTM - How to Block HTTPS access to Gmail using SSL Control
http://www.fuzeqna.com/sonicwallkb/consumer/kbdetail.asp?kbid=7564[14/01/2011 6:25:12 PM]
Step 4. Navigate to the Firewall> SSL Control page.
Step 5. Check the Enable SSL Control check-box.
Step 6. Check the Enable Blacklist check-box.
Step 7. Click on the Configure button to bring up the SSL Control Custom Lists window.
UTM - How to Block HTTPS access to Gmail using SSL Control
http://www.fuzeqna.com/sonicwallkb/consumer/kbdetail.asp?kbid=7564[14/01/2011 6:25:12 PM]
Step 8. Click on the Add button under Black List and enter the Common Name (CN) www.gmail.com.
Step 9. Click on OK to save.
How to Test:
UTM - How to Block HTTPS access to Gmail using SSL Control
http://www.fuzeqna.com/sonicwallkb/consumer/kbdetail.asp?kbid=7564[14/01/2011 6:25:12 PM]
To test whether SSL Control is blocking https://www.gmail.com,
Step 1. Logout of the Sonicwall Management interface.
Step 2. Open an internet browser.
Step 3. Try to open https://www.gmail.com or https://mail.gmail.com
Step 4. A "Connection Interrupted" message will be returned.
Under the Sonicwall > Log the following message will be shown.


Related Items
UTM: Blocking HTTPS websites with Application Firewall using Certificate Serial Number
KBID 7564
Date Modified 10/27/2010
Date Created 12/30/2009