How to Block Gmail Chat using App Control Advanced
03/26/2020 
37 
12047
DESCRIPTION:
This article describes how to block Gmail chat using App Control Advanced.
RESOLUTION:
This is a scenario based article of the SonicWall App Control Advanced feature. In this scenario we describe how to block the Chat embedded within Google Webmail (Gmail) without blocking Google Webmail (Gmail). In addition, included here are the various methods of configuring App Policies.
- Login to the SonicWall Management GUI.
- Navigate to the Firewall | App Control Advanced page. In Gen5 TZ devices this page is under Security Services | App Control
- Check the box under Enable App Control and click on the Accept button at the top to enable App Control.
- Under App Control Advanced | View Style select WEBMAIL under Category; select Gmail (Google Mail) under Application; select Signature under Viewed By.
Block Google Chat
- From the signatures listed, click on Configure under SSL Traffic 2 (Signature ID 3440)
- In the App Control Signature window, select Enable under the Block and Log fields.
- Click on OK to save.
Include users to be blocked.
To block only certain users from accessing Gmail Chat, configure the following. In this example, users not members of the selected user group will be ALLOWED.
Exclude users from being blocked.
To allow certain users to Gmail Chat, configure the following. In this example, users not members of the selected user group will be BLOCKED.
Include IP Addresses to be blocked
To block only hosts within an IP address range, configure the following. Host computers configured with an IP address outside the range will NOT be BLOCKED.
Exclude IP Addresses from being blocked
To allow certain hosts within an IP address range, configure the following. Host computers configured with an IP address outside the range will NOT be ALLOWED access to Gmail Chat
Creating schedules to block Google Chat
To configure access to Gmail Chat in Gmail webmail at scheduled intervals, configure the following.
Navigate to the System | Schedules page. Listed here are the preconfigured schedules which can be used in App Control policies. Alternatively, you can create custom schedules with year, day and time set as per your preference.
To create a custom schedule, click on the Add button and enter the following information with the screenshot as an example.
In the following screenshot, Gmail Chat will be Allowed during Noon (12-14 Hours), After Hours (00-08 Hours & 15-24 Hours) and Weekends (All hours). Outside these hours Gmail Chat will be allowed or blocked depending on the parent App Settings. If the parent Application, Gmail (Google Mail) is set to Block, then Gmail Chat will be blocked.
How to Test
From a host behind the SonicWall, login to Gmail (mail.google.com). After the Inbox has been loaded, Google will try to load the chat application and fail.
Next Generation FirewallNext-generation firewall for SMB, Enterprise, and Government
Security ServicesComprehensive security for your network security solution
Capture Security applianceAdvanced Threat Protection for modern threat landscape
Network Security ManagerModern Security Management for today’s security landscape
Secure Mobile AccessRemote, best-in-class, secure access
Wireless Access PointsEasy to manage, fast and secure Wi-FI
SwitchesHigh-speed network switching for business connectivity
Cloud App SecurityVisibility and security for Cloud Apps
Cloud Firewall (NSv)Next-generation firewall capabilities in the cloud
Capture ClientStop advanced threats and rollback the damage caused by malware
Content Filtering ClientControl access to unwanted and unsecure web content
