- Products
- Network Security
- Threat Protection
- Secure Access Service Edge (SASE)
- Cloud Security
- Endpoint Security
- Email Security
- Secure Access
-
Wi-Fi 6 Access Points
SonicWall SonicWave 600 series access points provide always-on, always-secure connectivity for complex, multi-device environments.
Read More
- Solutions
- Industries
- Use Cases
- Solutions Widgets
- Solutions Content Widgets
Federal
Protect Federal Agencies and Networks with scalable, purpose-built cybersecurity solutions
- Solutions Image Widgets
-
- Partners
- SonicWall Partners
- Partner Resources
- Partner Widgets
- Custom HTML : Partners Content WIdgets
Partner Portal
Access to deal registration, MDF, sales and marketing tools, training and more
- Partners Image Widgets
-
- Support
- Support
- Resources
- Capture Labs
- Support Widget
- Custom HTML : Support Content WIdgets
Support Portal
Find answers to your questions by searching across our knowledge base, community, technical documentation and video tutorials
- Support Image Widgets
-
- COMPANY
- PROMOTIONS
- MANAGED SERVICES
- Contact Sales
-
- Menu
- Solutions
- Solutions Widgets
- Solutions Image Widgets
-
- Solutions Widgets
- Partners
- Partner Widgets
- Partners Image Widgets
-
- Partner Widgets
- Support
- Support Widget
- Support Image Widgets
-
- Support Widget
- Solutions
- Solutions Widgets
- Solutions Image Widgets
-
- Solutions Widgets
- Partners
- Partner Widgets
- Partners Image Widgets
-
- Partner Widgets
- Support
- Support Widget
- Support Image Widgets
-
- Support Widget
How to block SnapChat using App Control Advanced and Client DPI-SSL
03/26/2020 
342 People found this article helpful
194,683 Views
Description
UTM: How to block SnapChat using App Control Advanced and Client DPI-SSL
Resolution
SnapChat is a widely used app for exchanging photos, images, text and video. The nature of the application, and its popularity, makes SnapChat a potential network bandwidth hogger. SnapChat uses HTTPS to connect and exchange data. Because it is HTTPS and the traffic is encrypted, SnapChat traffic specifically cannot be blocked without SonicWall Client DPI-SSL. This KB article describes how to block SnapChat using App Control Advanced signatures with Client DPI-SSL enabled.
For blocking SnapChat without Client DPI-SSL, see UTM: How to block SnapChat using App Rules (Application Firewall).
Procedure:
1. Login to the SonicWallManagement GUI.
2. Navigate to the Firewall | App Control Advanced page. In Gen5 TZ devices this page is under Security Services | App Control
3. Check the box under Enable App Control and click on the Accept button at the top to enable App Control.
4. Under App Control Advanced | View Style, select SOCIAL NETWORKING under Category; select SnapChat under Application; select Signature under Viewed By to list the signatures available for SnapChat.
5. Click on the configure icon under SnapChat and select Enable under Block and Log:
6. Click on OK to save.
Enabling Client DPI-SSL
Note: Before enabling Client DPI-SSL, administrators must be aware that Client DPI-SSL will proxy all outgoing SSL connections. To this end, SonicWall will re-sign the SSL certificates passing to hosts. This will trigger certificate errors in the browsers. To avoid these errors, import the SonicWall DPI-SSL CA certificate as a trusted Root CA into the browser's (or the computer's) certificate store. For more information, see Distributing the Default SonicWall DPI-SSL CA certificate to client computers using Group Policy
1. Navigate to the DPI-SSL | Client SSL page.
2. Enable check box Enable SSL Client Inspection
3. Enable check box Intrusion Prevention
4. Click on Accept at the top to save the changes.
Enabling Application Control on zones
- Navigate to Network | Zones
- Click on the configure button under the zone where you want to enable App Control.
- Check Enable App Control Service.
- Click on OK to save.
Log Messages
The following log messages will be generated when clients are blocked trying to use the SnapChat app.
Related Articles
- Identical Access Rules for different users/user groups
- Advanced Network Security eLearning Training Course
- Network Security Essentials eLearning Training Course
Categories
- Firewalls > TZ Series
- Firewalls > SonicWall SuperMassive E10000 Series
- Firewalls > SonicWall SuperMassive 9000 Series
- Firewalls > SonicWall NSA Series
YES
NO