Hello,
We want to block ssh tunneling from internal network. (port 22 is block on our fw). Only way to go outside is to use wcg proxy or SaaS on port 8080/80
We applied a block ssh protocol policy to all our users but they are still able to connect ssh server through WCG (didn't test yet for SaaS).
Wireshark dump on client:
CONNECT 88.xxx.127.xxx:443 HTTP/1.1
Host: 88.xxx.127.xxx:443
HTTP/1.1 200 Connection Established
Date: Wed, 24 Jul 2013 09:44:51 GMT
Via: 1.1 localhost.localdomain
SSH-2.0-OpenSSH_5.5p1 Debian-6+squeeze1
SSH-2.0-PuTTY_Release_0.60
Are we agree that Websense should be able to block this type of encapsulated traffic?
Please note that we didn't enable https feature on WCG
Does tunnel port settings on WCG is important ?
| Tunneled Protocol Detection | 2.0 | 4396 | Wednesday, July 24, 2013 01:28:06 |