How to Block Ultrasurf in GEN7 SonicOS
11/30/2022
Description
SonicWall's DPI-SSL is the recommended configuration. Where it is not configured, it is still possible to block most connections from Ultrasurf and other Proxy Avoidance Applications, including Psiphon. Please note that this will not be 100% successful, and the applications may still occasionally connect. In most of these successful connections, however, performance is poor enough to severely impact the user experience. This poor performance helps to dissuade further use of the application in most cases.
Please note, again, this will not be 100% successful at blocking all connections all the time.
Resolution
Resolution for SonicOS 7.X
This release includes significant user interface changes and many new features that are different from the SonicOS 6.5 and earlier firmware. The below resolution is for customers using SonicOS 7.X firmware.
1. Enable SonicWall's SSL Control Service under Network | Firewall | SSL Control | Settings.
2. Apply SSL Control to the appropriate Zone for enforcement (here it is applied to "Test-Zone").
3. Restrict traffic in Access Rules to only required connections. Also, make sure that DNS is restricted to trusted DNS servers only and that all other communications are blocked.
4. Use App Control Advanced to restrict the applications Google QUIC, DNS, SSH, and the entire category of Proxy-Access. Navigate to Policy | Security Services | App Control and search for the required categories.
- App Category: Infrastructure | App Name: Google Play
- App Category: Protocols | App Name: Quic
- App Category: Protocols | App Name: SSH Protocol
- App Category: Protocols | App Name: DNS Protocol
TIP: Please make sure that DNS is restricted to only trusted DNS server objects.
5. Block the entire category of Proxy Access by navigating to POLICY | Security Services | App Control, with Category as PROXY-ACCESS, Application as ALL and Viewed By: CATEGORY.
6. Navigate to POLICY | Security Services | Content Filter and enable the option "Enable Content Filtering Service."
7. Block the site categories Hacking / Proxy Avoidance Systems & Not Rated by navigating to OBJECT | Profile Objects | Content Filter | CFS Default Policy (or any custom policy, according to requirement).
- Block the Not Rated category as well.
Results:
Ultrasurf may report that it is connecting or contacting the server, or otherwise show that it is running, but it will continually time out and be virtually ineffective at passing any traffic.
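To confirm the DNS restriction from step 3 and the TIP, the following added example (not SonicWall code) can be run from a client in the enforced zone: it sends a plain UDP/53 query to each resolver and reports any trusted resolver that fails to answer and any untrusted resolver that does. The resolver addresses are assumptions; 192.0.2.53 is a placeholder for your own trusted DNS server.

```python
import socket
import struct

def build_query(name, txid=0x1234):
    """Build a minimal DNS A-record query (RFC 1035) for `name`."""
    header = struct.pack(">HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # RD=1, 1 question
    qname = b"".join(bytes([len(p)]) + p.encode("ascii")
                     for p in name.strip(".").split("."))
    return header + qname + b"\x00" + struct.pack(">HH", 1, 1)  # A, IN

def probe(resolver, name="example.com", timeout=3.0, txid=0x1234):
    """Return True if `resolver` answers a UDP/53 query, else False."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        try:
            s.sendto(build_query(name, txid), (resolver, 53))
            data, _ = s.recvfrom(512)
        except OSError:  # timeout, ICMP unreachable, no route
            return False
    if len(data) < 12:
        return False
    rid, flags = struct.unpack(">HH", data[:4])
    # A genuine reply echoes our transaction ID and has the QR bit set.
    return rid == txid and bool(flags & 0x8000)

def audit(trusted, untrusted, probe_fn=probe):
    """Return findings; an empty list means DNS is pinned as intended."""
    findings = []
    for ip in trusted:
        if not probe_fn(ip):
            findings.append(f"trusted resolver {ip} did not answer "
                            "(rule too strict or server down)")
    for ip in untrusted:
        if probe_fn(ip):
            findings.append(f"untrusted resolver {ip} answered "
                            "(DNS is not restricted to trusted servers)")
    return findings

if __name__ == "__main__":
    TRUSTED = ["192.0.2.53"]                       # placeholder, replace
    UNTRUSTED = ["8.8.8.8", "1.1.1.1", "9.9.9.9"]  # public resolvers
    results = audit(TRUSTED, UNTRUSTED)
    for line in results or ["OK: only trusted resolvers answered"]:
        print(line)
```

This covers plain DNS over UDP/53 only; encrypted DNS and the proxy applications themselves are handled by the App Control and Content Filter steps above.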