Description | This article describes how to block Psiphon application for users trying to bypass FortiGate's content restriction policies. |
Scope | FortiOS 7.0 and FortiOS 7.2. |
Solution |
⚠ DISCLAIMER ⚠
Application updates may result in being able to bypass the FortiGate detection mechanisms, the FortiGuard team is tirelessly working to ensure that any new update is immediately met with a new signature update as well as quickly as possible in order to block these connection attempts.
In order to have an overview, visit this link: https://www.fortiguard.com/appcontrol/32642.
Step 2: Configure the Application Control profile to block the 'Proxy' category (optional), 'Psiphon3' application (mandatory), and 'QUIC' application (mandatory):
Step 3 (optional): Configure the Web Filter profile to block 'Proxy Avoidance' category:
Step 4: Create the Firewall Policy with the above-mentioned profiles applied:
Step 5: Try to connect with Psiphon on the end-user machine now, it should be unable to connect and in the FortiGate logs it should show the blocks successfully:
Note: If the application is able to successfully connect after some time, take into consideration the initial disclaimer of this technical tip article. |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.