How to Block Google AI button

Description

Google AI button is available on on www.google.com to access the AI agent from all browsers.

In addition, when the search results are displayed, users can access the "AI Mode" tab chat with the agent about the entered search term.

SonicWall firewall can be configured to block the access in either way.
CFS Engine can't block the access to AI Google Mode because AI mode is embedded on www.google.com homepage.

Resolution

To be able to block Google AI Button The key requirements are:
1- enable the DPI-SSL Client. 
Please refer to the following KB Articles to get an overview of the DPI-SSL service.
How to decrypt HTTPS Traffic using DPI-SSL?
How to Configure DPI-SSL CFS Category-based Exclusions / Inclusions

In case DPI-SSL is already configured with CFS inclusion/exclusion Category logic, be sure to Include "Category 29. Search Engines and Portals"

 

2 - Disable QUIC Protocol: Please refer to the following KB Article How to Block Google QUIC Protocol on SonicOS 7?

Block the Google AI signatures with App Control
Go to Policy -> Security Services -> App Control to enabled it and then click on "Accept"
Be sure that the Signatures are downloaded.




Go to Signature tab to search the Signature ID 9522 and then edit:

Enable the Block and the Log. Click on OK to save




Going back on the previous page, the signature is reported blocked.

Apply the same for Signature ID 5798

 

From now on, access to www.google.com will remain active, but Google AI button will be denied by App Control.


Firewall will report the connection attempt in System logs.
LOG ID 1155 - App Control Prevention


In case Google AI button is still not blocked, even if DPI-SSL certificate It is shown on www.google.com please add the following configuration.

Add an APP Rule to block Google AI Signature

Go to OBJECTS -> Match Objects -> Match Objects and click on "+ Add"


For "Match Object Settings:"

Object Name: Google AI
Match Object Type: Application Signature List
Application Category: MISC-APPS (53)
Applications: MISC-APPS Google (995)
Application Signatures: input 9522 and click on the result, then click on + to add the signature


Click on + and enter 5798 to add the second signature.


Both signatures are added to the Match Object "Google AI"


Go to POLICY -> Rules and Policies -> App Control and click on Settings


Make sure App Control is enabled.


Click on  "+ Add" to add the App Rule.
Enter the Policy Name and then select the Match Object "Google AI" under "Match Object Included"
Click on OK




For a better result, ensure to disable the option "Limit CFT Scan" on DIAG Page

Related Articles

  • A Consolidated Guide to the different object types
    Read More
  • SonicWall GEN8 TZs and GEN8 NSas Settings Migration
    Read More
  • SSH password authentication fails after OpenSSH upgrade
    Read More

Categories

Firewalls
NSa Series
Firewalls
NSsp Series
Firewalls
NSv Series
Firewalls
SonicWall NSA Series
Firewalls
SonicWall SuperMassive 9000 Series
Firewalls
SonicWall SuperMassive E10000 Series
Firewalls
TZ Series
not finding your answers?
Ask the Community
Chat