- Products
- Network Security
- Threat Protection
- Secure Access Service Edge (SASE)
- Cloud Security
- Endpoint Security
- Email Security
- Secure Access
-
Wi-Fi 6 Access Points
SonicWall SonicWave 600 series access points provide always-on, always-secure connectivity for complex, multi-device environments.
Read More
- Solutions
- Industries
- Use Cases
- Solutions Widgets
- Solutions Content Widgets
Federal
Protect Federal Agencies and Networks with scalable, purpose-built cybersecurity solutions
- Solutions Image Widgets
-
- Partners
- SonicWall Partners
- Partner Resources
- Partner Widgets
- Custom HTML : Partners Content WIdgets
Partner Portal
Access to deal registration, MDF, sales and marketing tools, training and more
- Partners Image Widgets
-
- Support
- Support
- Resources
- Capture Labs
- Support Widget
- Custom HTML : Support Content WIdgets
Support Portal
Find answers to your questions by searching across our knowledge base, community, technical documentation and video tutorials
- Support Image Widgets
-
- COMPANY
- PROMOTIONS
- MANAGED SERVICES
- Contact Sales
-
- Menu
- Solutions
- Solutions Widgets
- Solutions Image Widgets
-
- Solutions Widgets
- Partners
- Partner Widgets
- Partners Image Widgets
-
- Partner Widgets
- Support
- Support Widget
- Support Image Widgets
-
- Support Widget
- Solutions
- Solutions Widgets
- Solutions Image Widgets
-
- Solutions Widgets
- Partners
- Partner Widgets
- Partners Image Widgets
-
- Partner Widgets
- Support
- Support Widget
- Support Image Widgets
-
- Support Widget
How to Block Toolbar Search using App Rules (Application Firewall) and Client DPI-SSL
03/26/2020 
333 People found this article helpful
193,470 Views
Description
How to Block Toolbar Search using App Rules (Application Firewall) and Client DPI-SSL
Resolution
Enabling Client DPI-SSL
Note: Before enabling Client DPI-SSL, administrators must be aware that Client DPI-SSL will proxy all outgoing SSL connections. To this end, SonicWall will re-sign the SSL certificates passing to hosts. This will trigger certificate errors in the browsers. To avoid these errors, import the SonicWall DPI-SSL CA certificate as a trusted Root CA into the browser's (or the computer's) certificate store. For more information, see UTM: Distributing the Default SonicWall DPI-SSL CA certificate to client computers using Group Policy
1. Navigate to the DPI-SSL | Client SSL page.
2. Enable check box Enable SSL Client Inspection
3. Enable check box Application Firewall
4. Click on Accept at the top to save the changes.
Create a Match Object of type HTTP URI Content
1. Click on Add New Match Object to open the Add/Edit Match Object window.
2. Enter a name for the match object.
3. Select HTTP URI Content under Match Object Type
4. Select Match Type as Partial
5. Set Input Representation as Alphanumeric
6. Under Content, enter the following keywords one after another:
client=firefox-a
client=ietb
form=MOZSBR
fr=moz35
sourceid=navclient
7. Click on Add after each entry.
8. Click on OK to save.
In order to be able to block searches from the Google toolbar installed in IE, we must create a separate Match Object with the following values
Create a Match Object of type HTTP Referer
1. Click on Add New Match Object again to open the Add/Edit Match Object window.
2. Enter a name for the match object.
3. Select HTTP Referer under Match Object Type
4. Select Match Type as Partial
5. Set Input Representation as Alphanumeric
6. Under Content, enter the following keyword:
sourceid=toolbar
7. Click on Add.
8. Click on OK to save.
Create App Rules
1. Navigate to the Firewall | App Rules page.
2. Enable the check-box Enable App Rules.
3. Click on the Add New Policy button to open the Edit App Control Policy window.
4. Enter the following information and click on OK.
Related Articles
- Identical Access Rules for different users/user groups
- Advanced Network Security eLearning Training Course
- Network Security Essentials eLearning Training Course
Categories
- Firewalls > TZ Series
- Firewalls > SonicWall SuperMassive E10000 Series
- Firewalls > SonicWall SuperMassive 9000 Series
- Firewalls > SonicWall NSA Series
YES
NO