How to block teamviewer on the network

I would like to block teamviewer in the network.

Is there any clear procedure to do it with ASA 5540 or Symantec EndPoint Manager 12.2

Thank you for any feedback
OmetaAsked:
Who is Participating?
 
Giovanni HewardConnect With a Mentor Commented:
You can start by blocking 5938/TCP outbound.  

TeamViewer will eventually use 443/TCP and 80/TCP, so you'll need to block by IP address or FQDN.

Due to the large IP/domain space used by TeamViewer, this may be an arduous process of monitoring its outbound connection attempts over time.  Use TCPView on a local Windows host to easily monitor connection attempts.  Of course if you're comfortable with WireShark you can filter these ports and log attempts over time.

Start by resolving master1.teamviewer.com incrementally upward (master2.teamviewer.com, etc.)
0
 
artsecCommented:
ASA 5540 is not able to block based on Application. Further, Teamviewer works on application layer and you cannot block HTTPS by ASA 5540 because it does not support SSL decryption .

Here you can find information for application control on Symantec EndPoint Manager.
http://www.symantec.com/business/support/index?page=content&id=TECH102525&locale=en_US
0
 
Michael-BestCommented:
0
 
McKnifeCommented:
Is the topic still alive? http://www.symantec.com/connect/forums/block-teamviewer holds a HowTo for SEP 12.3 at least.
0
 
madunixCommented:
As said above, I would block port 5938, that should stop the initial handshake.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.