ociadmin
asked on
Application Control in TMG 2010
Hello Experts,
I am new to TMG and was just wondering how to setup application control in TMG 2010. Specifically, I would like to block most of remote control software like Webex, GoToMyPC, Teamviewer, etc. Is this possible on TMG ???
Regards.
I am new to TMG and was just wondering how to setup application control in TMG 2010. Specifically, I would like to block most of remote control software like Webex, GoToMyPC, Teamviewer, etc. Is this possible on TMG ???
Regards.
Most things are possible. You would need to access the site/service, track the protocols/ip addresses used then put deny access rules in place above any more open allow access rules. As each service is different there is not a generic 'catch all' setting. However, there are a large range of existing Category sets and Types pre-poulated in TMG that you can choose from and add to the TO: section of the deny rule but these are not necessarily going to cover every eventauality.
ASKER
Hi Keith,
Thanks for your prompt reply. Please correct me if I'm wrong... what I understand from TMG and your above comment is that to block the actually application itself we have to find the ports they use and block those ports.
I understand that pre-defined category sets will only block websites that fall under that particular category, not the application itself. Am I correct in saying this ?
Regards.
Thanks for your prompt reply. Please correct me if I'm wrong... what I understand from TMG and your above comment is that to block the actually application itself we have to find the ports they use and block those ports.
I understand that pre-defined category sets will only block websites that fall under that particular category, not the application itself. Am I correct in saying this ?
Regards.
Yes - spot on. It is the protocol and ports along with header and content information.
Once you have identified thee - and it can be a painful exercise, then you can vreate a filter or a simple rule based on the results.
Once you have identified thee - and it can be a painful exercise, then you can vreate a filter or a simple rule based on the results.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Very helpful replies, it is crystal clear now.