Astaro now blocks Ultrasurf with version 7.4. The need and difficulty of this task for schools are so great that Astaro issued a press release to announce the new feature.
Apparently they are doing this using SSL inspection (outbound SSL proxy) as opposed to using application signatures. Outbound SSL proxies introduce a new range of hassles. It would be better if they could detect the application (ahem) and block it that way:
The new filtering engine of Astaro’s version 7.4 also allows users to filter and control secure web traffic (HTTPS). With inferior web security solutions, users can circumvent the security policy simply by accessing sites over HTTPS, which encrypts the session between the client browser and the target destination. Astaro’s version 7.4 intercepts encrypted HTTPS traffic and examines the content for malware, stops spyware infections, and controls what types of sites can be accessed.
In addition to (instead of?) of blocking Ultrasurf at the network level, one could control such applications at the desktop level. Sophos does this with panache. Using a whitelisting program like Bit9 or Lumension also turns this into a non-issue. If there are other ways to solve this problem, let me know.
8 responses so far ↓
1 sheeraz // Mar 27, 2009 at 7:11 pm
internet lock can block ultra surf you have to block 9666 port there.you have to install it on every pc in your lab.this software is install on every pc on client side.
2 Jon Robinson // Apr 6, 2009 at 8:08 am
Thanks Sheeraz, I’ll have a look.
3 Zaid // May 13, 2009 at 3:38 am
Guys, I don’t think that it is easy to install any software on more than 500 desktop machines to block the UltraSurf, what needs to be done is to block the software on the network level not on the desktop level…
4 Jon Robinson // May 13, 2009 at 1:02 pm
@Zaid I think blocking it at the network is simple if you have a solution that can do it, but the endpoint is also a good spot. You already should be managing some sort of endpoint security client on your machines. Try to get a client that includes application control. Sophos is one that works well.
5 hiren // May 21, 2009 at 8:21 pm
can you help me? how can i block pen drive to domain user.server 2003
6 Bhdresh // Dec 23, 2009 at 11:49 pm
Guys… guys… guys… buy cyberoam and its ur job to block ultrasurf for you.
Cyberoam blocks all available versions of ultrasurf till 9.8
7 Himmat // Mar 20, 2010 at 4:16 am
there is a cost-effective solution compare to cyberoam, NetCop, go download it and it will block Ultrasurf for free…believe me.
8 David // Jul 3, 2010 at 12:09 am
Yep, NetCop UTM from whiteway.in is really blocking ultrasurf and yet cost effective.
Leave a Comment