Failed to Block Facebook Chat Consistently

Failed to Block Facebook Chat Consistently

24728
Created On 09/25/18 17:41 PM - Last Modified 06/07/23 17:28 PM


Symptom


Symptoms

Security Rule has been configured to block Facebook-Chat Application, in the traffic log firewall seems to successfully blocked the Facebook-Chat; however, the user can continue to use Facebook-chat over the web.

Diagnosis

When we use Facebook-Chat in a web page, the web client will open multiple sessions towards the server. Since Facebook integrated chat and messages into one service, half of the sessions will have a chat structure and the other half will have a mail structure. So in order to successfully and consistently block Facebook chat, you  need to block both facebook-chat and also facebook-mail applications.

Resolution


Step 1. Enable decryption.

For more information about Decryption, please refer to "How to Implement and Test SSL Decryption".

 

Step 2. Configure your security rule to block "facebook-chat" and "facebook-mail" applications.

 

Step 3. Create another security rule that allows "facebook-base" application. Add this security rule below the rule created in Step 2 above.

 

With the above configuration, the user still can browse to Facebook, but will not be able to use Facebook-Chat.
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClHuCAK&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Choose Language