Block Applications in MR - Categories

rarodrigo
Getting noticed

Block Applications in MR - Categories

I am looking rules block application inside of "Firewall &Shaping " MR option and I cannot see none about Whatsapp application. So, there is a lots of applications group, but anyone mention about whatsapp.

 

In this case what's the best approach to work in this way? For example block user to use on the specific SSID this application?

 

I believe to create rules inside name (www) or IP address related destination server is not polite, because there are lots servers. Is there any example using Meraki for this subject?

 

 


Kind Regards,
Rodrigo
Twitter: @rar_21
If this was helpful Kudo me 🙂
4 Replies 4
MilesMeraki
Head in the Cloud

Unfortunately, it looks like "WhatsApp" is missing from the predefined layer 7 firewall categories. The only way around this would be to create your rule manually via DNS/IP/Port number for the WhatsApp traffic. I don't know the DNS/IP/Port numbers myself however there are numerous articles online which share this information.

 

Have a read of this article which will help; https://superuser.com/questions/695621/how-to-block-the-whatsapp-android-application-in-a-network

Eliot F | Simplifying IT with Cloud Solutions
Found this helpful? Give me some Kudos! (click on the little up-arrow below)
rarodrigo
Getting noticed

Exactly my point. 

I figure out this article and many other explain about block traffic, however there is not polite configure many lines to block it ( port, IP, DNS, etc ), then the best option will have this application inserted in this classification filters, like in "Skype" or other category.


Kind Regards,
Rodrigo
Twitter: @rar_21
If this was helpful Kudo me 🙂
MilesMeraki
Head in the Cloud

Yeah, i totally agree with you. Unfortunately, there doesn't seem to be a pre-defined rule for "WhatsApp", I'd advise making a wish in  dashboard. I'm sure the product team sees numerous of these however it would be great to see what are the reoccurring ones so they know what to prioritize.

Eliot F | Simplifying IT with Cloud Solutions
Found this helpful? Give me some Kudos! (click on the little up-arrow below)
rarodrigo
Getting noticed

I only to advise another problems facing to block this traffic.

1) I cannot use a mask ( like * ) to implement rules inside of Layer 7 FW, so only entire and exactly URL to match which will increase more line in my rules

2) I didn't find way to specific a message regarding this rules when I have match on it ( like hits ) on the line and the same time a message could be informed as default for the user ( when user access by browser saying, maybe " This is not permitted in this environment " )

 

The only way to block this traffic was defined rules inside of MX ( Outbound Rules - Layer 3 ) on the specific VLAN using only a mask on the begin of URL ( *.whatsapp ), again cannot use a mask ( like * ) on the finish of this address.

 

Then, I will make wish on the portal in order to ask more attention.


Kind Regards,
Rodrigo
Twitter: @rar_21
If this was helpful Kudo me 🙂
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels