How to block LogMeIn with SWG blacklist entries

book

Article ID: 181241

calendar_today

Updated On:

Products

Web Gateway

Issue/Introduction

 

Resolution

LogMeIn is a company that offers remote access software and services. The LogMeIn software uses a proprietary remote desktop protocol that is transmitted over SSL.

Users access the machines associated with LogMeIn using a proprietary application or via the web portal. This document covers how to block access to the web portal.

Should a policy require to block access to LogMeIn, this can be configured in the following ways:

  • If SWG is licensed with the URL filtering Add-on, Dropbox access can be blocked by setting the sub-category Communication Services (pre 5.1) or Technology & Telecommunications (5.1 and later) (inside the Content Filtering Category called IT) to block.
  • LogMeIn access can be blocked by creating a blacklist under Policies -> Blacklist with the following entries:
    • *.logmein.com
    • *.logmeinrescue.com
    • *.logmeinrescure-enterprise.com
    • *.hamachi.cc
    • *.internapcdn.net

Both options can coexist if necessary, but this is not required.

The result of these changes should be confirmed by looking at the Custom Reports section under Reports. Results may vary depending of the way SWG has been deployed as SWG must be able to intercept HTTPS traffic.

These steps will not work if SWG is in inline only mode (unless an external upstream proxy is involved).

For details on how to configure Content Filtering policies and Blacklists, check the product documentation.