search cancel

Incidents are not generated using Google Drive Sync.

book

Article ID: 243014

calendar_today

Updated On:

Products

CASB Gateway

Issue/Introduction

Files are not blocked by policy when uploading a document using the desktop app Google Drive Sync.

The same document is blocked when uploaded to Google Drive from a Browser.

The upload activity is not seen in investigate use the Google Drive Sync.

Resolution

SSL decryption must take place on all the Google domains of interest. Google provides the following domains of interest (DoI). Make sure that you the local proxy and WSS is not bypassing the domains.

In one case, a customer was bypassing googleapis.com and apis.google.com.  The proxy engineering was able to verify that the decryption was bypassed and the traffic was sent directly to Google instead of WSS.

Using Google Drive sync may not synchronize files because it does not trust WSS as an intercepting proxy. Follow the DriveSync documenation to see how to add the wss certificate using setting TrustedRootCertsFile. Alternatively, test by disabling the SSL Validation: DisableSSLValidation, the data is encrypted but the certificate is not tested.

 

Additional Information

A proxy trace can verify that the traffic is decrypted and sent to WSS. 

A Fiddler trace may also verify that the traffic is destined for WSS.