HomeHome ArticlesArticles Most Popular ArticlesMost Popular Articles Most Helpful ArticlesMost Helpful Articles Request New ArticleRequest New Article
RSS Feeds
DrillDown Icon Table of Contents Back
 . . . . . . . . . . . . .
DrillDown Icon Vulnerability Security Advisories
DrillDown Icon Best Practices & Policies
DrillDown Icon Protect Your Cyberoam Appliances from Power Fluctuations
DrillDown Icon Technical Library
DrillDown Icon Compatibility
DrillDown Icon Archives
DrillDown Icon Version 9.x
DrillDown Icon How To
DrillDown Icon Anti Spam
DrillDown Icon Anti Virus
DrillDown Icon Authentication
DrillDown Icon Blocking
DrillDown Icon Block the Internet access based on MAC address
DrillDown Icon Allow specific URL from the blocked Category
DrillDown Icon Block Gmail
DrillDown Icon Allow specific URLs
DrillDown Icon Filter HTTPS URLs
DrillDown Icon Block Free Anonymous Web Proxy (kproxy) over HTTPS Using Custom IDP Signature
DrillDown Icon Block Rediff Bol IM Using IDP Signature
DrillDown Icon Block SKYPE using IDP signature
DrillDown Icon Block Google Talk IM using Custom IDP Signature
DrillDown Icon Block External Proxy using IDP
DrillDown Icon Block Unauthorized Internet Access By Using Anonymous Proxies
DrillDown Icon Block Windows Live Messenger using IDP
DrillDown Icon Block Chikka Mobile Instant Messenger
DrillDown Icon Block ORKUT
DrillDown Icon Block a specific URL
DrillDown Icon Clients
DrillDown Icon Content filtering
DrillDown Icon Firewall
DrillDown Icon IPS
DrillDown Icon Logs & Reports
DrillDown Icon SNMP
DrillDown Icon System
DrillDown Icon Registration
DrillDown Icon User
DrillDown Icon VPN
DrillDown Icon Intimation Regarding US New Daylight Saving Time Support
DrillDown Icon Verify the integrity check of Cyberoam Upgrade file using MD5 checksum
DrillDown Icon Troubleshooting
DrillDown Icon FAQ
DrillDown Icon Tech Notes
DrillDown Icon Visio Stencils
DrillDown Icon Product Technical Support
  Subscribe Print PreviewPrint Current Article and All Sub-Articles
 
Block SKYPE using IDP signature
 
 
Requirement
To block Skype IM using Cyberoam IPS signature.

Solution
Cyberoam provides solution to block Skype IM with the help of default IPS signature.

Prerequisite
Intrusion Prevention System module subscribed

Configuration
The entire configuration is to be done from Web Admin Console.


Step 1: Editing the IPS Policy

Versions 9.5.x.x or above

Go to IPS > Policy > Manage and modify the default policy “lantowan_strict”

Rather than configuring the drop action for individual signature in the Skype category, click the category “Skype” and select the action “Drop” for "Set common action".
 
 

All Versions below 9.4.2 build 0

Go to IPS > Policy > Manage and modify the default policy “lantowan_strict”
Click the toggle expansion button in category “Cyberoam signatures”.
 
 
 
Edit each signature under “skype” and select the IDP Mode as “Drop”

Step 2: Apply IPS policy through Firewall Rule

Blanket Block
If the messenger needs to be blocked for all users then create firewall rule from Firewall > Create Rule with the following parameters:

Parameters

Value

Source

Zone - LAN
Host - Any Host 

Destination

Zone - WAN
Host – Any Host 

Services/Service Group

All Services

Apply Schedule

All the Time

Action

Accept

Apply NAT
(Source NAT for Versions below 9.4.2.0)

MASQ

IPS Policy

lantowan_strict



User Specific Control
If the messenger needs to be blocked for specific user or group of users then create firewall rule from Firewall > Create Rule with the following parameters:

Parameters

Value

Source

Zone - LAN
Host - Any Host 

Check Identity

User Name / Group Name

Destination

Zone - WAN
Host – Any Host 

Services/Service Group

All Services

Apply Schedule

All the Time

Action

Accept

Apply NAT
(Source NAT for Versions below 9.4.2.0)

MASQ

IPS Policy

lantowan_strict


Document Version 2.0-20/07/2009
Article ID: 473