- Products
- Network Security
Next Generation FirewallNext-generation firewall for SMB, Enterprise, and Government
Security ServicesComprehensive security for your network security solution
Network Security ManagerModern Security Management for today’s security landscape
- Advanced Threat Protection
Capture ATPMulti-engine advanced threat detection
Capture Security applianceAdvanced Threat Protection for modern threat landscape
- Access Security
Cloud Edge Secure AccessDeploy Zero-Trust Security in minutes
Secure Mobile AccessRemote, best-in-class, secure access
Wireless Access PointsEasy to manage, fast and secure Wi-FI
SwitchesHigh-speed network switching for business connectivity
- Email Security
Email SecurityProtect against today’s advanced email threats
- Cloud Security
Cloud App SecurityVisibility and security for Cloud Apps
Cloud Firewall (NSv)Next-generation firewall capabilities in the cloud
- Endpoint Security
Capture ClientStop advanced threats and rollback the damage caused by malware
Content Filtering ClientControl access to unwanted and unsecure web content
- Product Widgets
- Product Menu Right Image
- Network Security
- Solutions
- Solutions Widgets
- Solutions Image Widgets
- Solutions Widgets
- Partners
- Partner Widgets
- Partners Image Widgets
- Partner Widgets
- Support
- Support Widget
- Support Image Widgets
- Support Widget
- Products
- Network Security
- Next Generation FirewallNext-generation firewall for SMB, Enterprise, and Government
- Security ServicesComprehensive security for your network security solution
- Network Security ManagerModern Security Management for today’s security landscape
- Advanced Threat Protection
- Capture ATPMulti-engine advanced threat detection
- Capture Security applianceAdvanced Threat Protection for modern threat landscape
- Access Security
- Cloud Edge Secure AccessDeploy Zero-Trust Security in minutes
- Secure Mobile AccessRemote, best-in-class, secure access
- Wireless Access PointsEasy to manage, fast and secure Wi-FI
- SwitchesHigh-speed network switching for business connectivity
- Email Security
- Email SecurityProtect against today’s advanced email threats
- Cloud Security
- Cloud App SecurityVisibility and security for Cloud Apps
- Cloud Firewall (NSv)Next-generation firewall capabilities in the cloud
- Endpoint Security
- Capture ClientStop advanced threats and rollback the damage caused by malware
- Content Filtering ClientControl access to unwanted and unsecure web content
- Product Widgets
- Product Menu Right Image
- Network Security
- Solutions
- Solutions Widgets
- Solutions Image Widgets
- Solutions Widgets
- Partners
- Partner Widgets
- Partners Image Widgets
- Partner Widgets
- Support
- Support Widget
- Support Image Widgets
- Support Widget
How to block Google Play Store on Desktop and mobile devices (Android) using App Rules.
10/14/2021 
17 People found this article helpful
52,387 Views
Description
How to block Google Play Store on Desktop and mobile devices (Android) using App Rules (Application Firewall).
Resolution
Resolution for SonicOS 6.5
This release includes significant user interface changes and many new features that are different from the SonicOS 6.2 and earlier firmware. The below resolution is for customers using SonicOS 6.5 firmware.
Feature/Application:
This article describes how to block Google Play Store both on mobile devices and desktops using App Rules.
Note:
- This solution blocks DNS requests / responses only. If Google Play Store is open before enabling this rule, it might allow access. However, when attempting to open afresh, it will be blocked.
- The solution described here will block other Google Services like Google Maps, Hangout etc.
Procedure:
Create Match Object
- Login to the SonicWall Management GUI
- Navigate to the Manage | Objects | Match Objects page.
- Click on Add New Match Object to open the Add/Edit Match Object window.
- Enter a name for this object under Object Name
- Set Match Object Type to Custom Object
- Set Input Representation as Hexadecimal
- Under Content, enter the following hex strings:
- 07616e64726f696407636c69656e747306676f6f676c6503636f6d
Note: This will block access to Play Store when accessed over the Play Store app. - 04706c617906676f6f676c6503636f6d
Note: This will block access to Play Store when accessed over a browser.
- 07616e64726f696407636c69656e747306676f6f676c6503636f6d
- Click on Add
- Click on OK
Create App Rule
- Navigate to the Rules | Application Control page.
- Click on the Add New Policy button to open the Edit App Control Policy window.
- Enter the following information and click on OK.
Note: You could lock it down further by Zone. For example,
- Set Connection Side to Server Side or Both
- Click on Advanced under Direction
- Set From to Any and To to WLAN (Any in case the server is internal)
This will block DNS response from a server on the WAN or LAN. 
Testing:
From a mobile device behind the SonicWall, try to open the Play Store app after flushing the DNS cache of the device (mostly done by restarting the device) and you will get the following error in the app. If the device's DNS server is pointed to an internal DNS server, then flush the DNS cache of the server before testing.
The following message will be logged in the SonicWall under Investigate | Event Logs
Resolution for SonicOS 6.2 and Below
The below resolution is for customers using SonicOS 6.2 and earlier firmware. For firewalls that are generation 6 and newer we suggest to upgrade to the latest general release of SonicOS 6.5 firmware.
Feature/Application:
This article describes how to block Google Play Store both on mobile devices and desktops using App Rules.
Note:
- This solution blocks DNS requests / responses only. If Google Play Store is open before enabling this rule, it might allow access. However, when attempting to open afresh, it will be blocked.
- The solution described here will block other Google Services like Google Maps, Hangout etc.
Procedure:
Create Match Object
- Login to the SonicWall Management GUI
- Navigate to the Firewall > Match Objects page ( In older SonicOS firmware this page would be under Application Firewall > Match Objects)
- Click on Add New Match Object to open the Add/Edit Match Object window.
- Enter a name for this object under Object Name
- Set Match Object Type to Custom Object
- Set Input Representation as Hexadecimal
- Under Content, enter the following hex strings:
- 07616e64726f696407636c69656e747306676f6f676c6503636f6d
Note: This will block access to Play Store when accessed over the Play Store app. - 04706c617906676f6f676c6503636f6d
Note: This will block access to Play Store when accessed over a browser.
- 07616e64726f696407636c69656e747306676f6f676c6503636f6d
- Click on Add
- Click on OK
Create App Rule
- Navigate to the Firewall > App Rules page.
- Click on the Add New Policy button to open the Edit App Control Policy window.
- Enter the following information and click on OK.
Note: You could lock it down further by Zone. For example,
- Set Connection Side to Server Side or Both
- Click on Advanced under Direction
- Set From to Any and To to WLAN (Any in case the server is internal)
This will block DNS response from a server on the WAN or LAN.
- Enable the check-box Enable App Rules.
Testing:
From a mobile device behind the SonicWall, try to open the Play Store app after flushing the DNS cache of the device (mostly done by restarting the device) and you will get the following error in the app. If the device's DNS server is pointed to an internal DNS server, then flush the DNS cache of the server before testing.
The following message will be logged in the SonicWall under Log > View
Related Articles
- How to force an update of the Security Services Signatures from the Firewall GUI
- How to upload security services signatures manually on Closed Environments?
- How to Create Gen 7 Settings File by Using the Online Migration Tool
Categories
- Firewalls > SonicWall NSA Series
- Firewalls > SonicWall SuperMassive 9000 Series
- Firewalls > SonicWall SuperMassive E10000 Series
- Firewalls > TZ Series
YES
NO