Web filtering and SSL

[Michelle911 0]

I am having issues with the web and email portion. I have enabled protocol filtering and setup rules for web access and control. I filter social media websites, video/audio streaming, porn, etc and find that it doesn't work properly unless I also have SSL filtering enabled. When SSL is enabled, it blocks all SSL/https traffic. I then have to put in exceptions for anything https that we need to access, including apps functions in Quickbooks. This is a huge pain - I can find no log anywhere for that, so I change the filtering mode under SSL to interactive to see what things ask for permission. Is there a setting that I'm missing or is it supposed to block all SSL/https traffic? I do have setup Quickbooks as an excluded application - that does not work either, I assume because it accesses external sites for credit card processing etc. I have also unchecked under SSL "Block encrypted communication utilizing the obsolete protocol SSL v2", which did not help either. Anyone have any experience with this?

[Marcos 5,071]

To exclude Quickbooks from SSL/TLS filtering, open the advanced setup, navigate to Web and Email -> SSL/TLS -> List of SSL/TLS filtered applications and change the scan action for Quickbooks to "Ignore".

[Michelle911 0]

I have done that and Quickbooks was only one example. What I want to know is if every SSL/https website is going to be blocked meaning that I have to exclude every https address that I want to go to. Some of these for example, are in Quickbooks which I have no idea of.

[Marcos 5,071]

What browser do you use? Maybe the root certificate could not be imported to a trusted root CA certificate store which would cause issues when opening https websites. Try the following:
- restart Windows
- do not launch any application and open the advanced setup
- navigate to Web and Email -> SSL/TLS, disable SSL/TLS filtering and click ok
- re-enable SSL/TLS filtering
- wait a few seconds, then open an https website in a browser.

Let us know if the https website opens alright.

[Michelle911 0]

I forgot to say we use remote administrator 6.4 to control these settings. We have a mixture of internet explorer and chrome. It always seems to come from applications, not an address entered per se - another program for example is Roboform - It connects to a secure site to sync an "everywhere account" and would not sync through the app until I put the address in the allowed url's, but the program was already listed in the excluded applications. And the allowed url's list is on the top of all other lists.

[Michelle911 0]

Happened again yesterday where I had to enter oauth.quickbooks.com and *.dropbox.com for those desktop products to connect through the filtering. I already had *.quickbooks.com, so I'm confused as to why I had to enter that specifically. 

I'm still wondering if this is by design or if I need to tweak some setting.

[Marcos 5,071]

If I understand it correctly, applications other than web browsers connect to some https sites, such as quickbooks.com. If that's the case, in the advanced setup -> Web and email protection exclude these applications from protocol filtering.

[Michelle911 0]

I had both Quickbooks and Dropbox in the excluded application list, but updates and other types of traffic within the app were being still blocked so I had to add specific exclusions as noted above.