Requirement
To block Skype IM using Cyberoam IPS signature.
Solution
Cyberoam provides solution to block Skype IM with the help of default IPS signature.
Prerequisite
Intrusion Prevention System module subscribed
Configuration
The entire configuration is to be done from Web Admin Console.
Step 1: Editing the IPS Policy
Versions 9.5.x.x or above
Go to IPS > Policy > Manage and modify the default policy “lantowan_strict”
Rather than configuring the drop action for individual signature in the Skype category, click the category “Skype” and select the action “Drop” for "Set common action".
All Versions below 9.4.2 build 0
Go to IPS > Policy > Manage and modify the default policy “lantowan_strict”
Click the toggle expansion button in category “Cyberoam signatures”.
Edit each signature under “skype” and select the IDP Mode as “Drop”
Step 2: Apply IPS policy through Firewall Rule
Blanket Block
If the messenger needs to be blocked for all users then create firewall rule from Firewall > Create Rule with the following parameters:
|
Parameters
|
Value
|
|
Source
|
Zone - LAN
Host - Any Host
|
|
Destination
|
Zone - WAN
Host – Any Host
|
|
Services/Service Group
|
All Services
|
|
Apply Schedule
|
All the Time
|
|
Action
|
Accept
|
|
Apply NAT
(Source NAT for Versions below 9.4.2.0)
|
MASQ
|
|
IPS Policy
|
lantowan_strict
|
User Specific Control
If the messenger needs to be blocked for specific user or group of users then create firewall rule from Firewall > Create Rule with the following parameters:
|
Parameters
|
Value
|
|
Source
|
Zone - LAN
Host - Any Host
|
|
Check Identity
|
User Name / Group Name
|
|
Destination
|
Zone - WAN
Host – Any Host
|
|
Services/Service Group
|
All Services
|
|
Apply Schedule
|
All the Time
|
|
Action
|
Accept
|
|
Apply NAT
(Source NAT for Versions below 9.4.2.0)
|
MASQ
|
|
IPS Policy
|
lantowan_strict
|
Document Version 2.0-20/07/2009
| 
