How to Block the Psiphon Application
Issue
Some applications must be blocked in order to stop Psiphon traffic.
Resolution
Psiphon is a tunneling application for evading censorship; however, it provides no additional security for communications. The Psiphon site states, "Psiphon is designed to provide a channel to access content that is normally filtered. It is not a replacement for a secure communication environment. Psiphon will not secure e-mail, encrypt hard drive, or provide the user with end-to-end anonymity."
Psiphon uses 3 protocols:
- HTTP proxy, which is based on newer revision documentation. SSL support has been added.
- SSH
- VPN: IKE/IPsec/L2TP
In order to block Psiphon, SSL and SSH decryption, as well as VPN traffic to internal segments, must be blocked.
It is very important to block only internal users from using VPN-related applications. A rule that is too broad could cause connectivity issues with remote sites.
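The scoping concern above, as an added example that is not part of the original article: a Python check that evaluates constructed flow records so that only internal-user egress over the listed tunnel protocols is blocked while a sanctioned site-to-site tunnel keeps working. It assumes RFC 1918 space is "internal" and that the protocols use their standard ports; the gateway, peer and host addresses are hypothetical.

```python
import ipaddress

# Assumption: RFC 1918 ranges represent the internal user segments.
INTERNAL_NETS = [ipaddress.ip_network(n)
                 for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
# Assumption: standard ports for the protocols the article lists.
TUNNEL_PORTS = {("udp", 500): "IKE", ("udp", 4500): "IPsec NAT-T",
                ("udp", 1701): "L2TP", ("tcp", 22): "SSH"}
# Hypothetical (local gateway, remote peer) pairs that must stay reachable.
SITE_TO_SITE = {("10.0.0.1", "203.0.113.10")}

def is_internal(addr):
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in INTERNAL_NETS)

def evaluate(flow):
    """Return (action, reason) for a (src, dst, proto, dport) flow."""
    src, dst, proto, dport = flow
    label = TUNNEL_PORTS.get((proto, dport))
    if label is None:
        return "allow", "not IKE/IPsec/L2TP/SSH by port"
    if not is_internal(src) or is_internal(dst):
        return "allow", "not internal-user egress"
    if (src, dst) in SITE_TO_SITE:
        return "allow", "sanctioned site-to-site tunnel"
    return "block", f"{label} from internal user to external host"

# Constructed sample flows (documentation address ranges).
FLOWS = [
    ("10.1.5.23", "198.51.100.7", "udp", 500),    # user workstation, IKE out
    ("10.0.0.1", "203.0.113.10", "udp", 500),     # gateway to remote site
    ("10.1.5.23", "203.0.113.10", "udp", 500),    # user host, not the gateway
    ("10.1.5.40", "198.51.100.9", "tcp", 22),     # user workstation, SSH out
    ("203.0.113.10", "10.0.0.1", "udp", 4500),    # remote site inbound
    ("10.1.5.23", "198.51.100.7", "tcp", 443),    # SSL: not identifiable by port
]

def blocked(flows):
    return [f for f in flows if evaluate(f)[0] == "block"]

if __name__ == "__main__":
    for f in FLOWS:
        print(f, *evaluate(f))
```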
owner: ppolizzi