PSIPHON and ULTRASURF

Ritchie
Getting noticed

PSIPHON and ULTRASURF

Hi Guys,

I just want to know if meraki MX can block psiphon and ultrasurf since this proxy method is very popular in the philippines mindanao side. These proxy method are the problem of most midsize company in mindanao because most of popular firewall cannot block their traffic.

 

Thanks in advance. 

11 Replies 11
PhilipDAth
Kind of a big deal
Kind of a big deal

I don't know the answer.

 

Meraki uses the Brightcloud URL classification system for web sites.  If you look them up here and they come with a category then you can block that category.

 

http://beta.brightcloud.com/tools/url-ip-lookup.php

Ritchie
Getting noticed

Those are applications not a website or URL. Brightcloud is only a database for all url or websites that support for any firewall brands including meraki and cisco ASA or FTD.

If this application will be spread thoughout the world i  think that's the time the meraki would do their side. As of now, i know only one firewall brand that can block these applications.

 

PhilipDAth
Kind of a big deal
Kind of a big deal

Thinking about this laterally.

 

Since this is a company, you have control over Company Assets.  Use the Meraki Systems manager on all network assets, Windows, Android, iPhone and Mac.

Configure the network to only allow devices to attach that have Systems Manager installed.

 

Add the applications to the black list, and create a security policy to flag the devices with these applications and deny them access (or any other alternative action) instead.

https://documentation.meraki.com/SM/Other_Topics/Configuring_Sentry_Policies

Ritchie
Getting noticed

I already advise that to the company but that is additional cost compare to other firewall brand that block that application.

 

Ritchie
Getting noticed

Anyway, thank you for the support philip.

Maicon_Vieira
Here to help

I'm having problem with ultrasurf too, nobody knows if meraki can block it?

Ritchie
Getting noticed

@Maicon_Vieira right now this issue are not addressed by meraki team. I already raise this case but they want tme to put it on wish tap.

Maybe you could put it too in the "Make a wish" at the bottom of the dashboard.

Or else you may use Firepower Threat Defense Firewall of cisco. 

Maicon_Vieira
Here to help

Ok, if you have any news let us know please.

Thanks

daveteknyc
New here

meraki has layer 7 rules to block some mobile applications but not all. We often get requests to block snapchat (Security Applicance/ Firewall) . Currently my MX600 (13.33) is unable to block ultrasurf and other proxy/anonymizers. We've requested this feature to the sales engineer. There are other products that do an effective job at stopping ultrasurf. Meraki is easy to use but lacks enterprise features
Maicon_Vieira
Here to help

In this case we don't have governance on the network just on the merakis.

And there is no AD ))=

Kenken
New here

Tried to block that using our Meraki appliance by identifying the IPs using wireshark and denying these IPs in layer 3 firewall. I only wasted 7 hours on this problem. It doesnt work. But if you have a firewall that has an App control feature, you can probably disable the connection on that application.
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels