Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
househed
Explorer

WhatsApp file types

Hi,

Running R80.30, we currently have an application policy for WhatsApp file transfer, locked down to specific users, allowing all content.

When we first implemented and testing this, we noticed that allowing media files didnt seem to work. Assume because its encrypted.

Is there any way to lock it down to media files only?

Thank you.

 

 

0 Kudos
4 Replies
PhoneBoy
Admin
Admin

WhatsApp is End to End encrypted and not something where you can see the precise content sent.
However, it's possible "WhatsApp Media" traffic looks different than for, say, text messages.
What do your firewall logs say when someone tries to upload/download media with your current rulebase?
0 Kudos
Ilham_Syuhada
Explorer

Hi @househed,

Have you found the solution right now ? I have same problem too, firewall log said only "whatsapp messanger" instead of "whatsapp messenger file transfer" on application name field.

Thank you.

0 Kudos
househed
Explorer

Hi @Ilham_Syuhada,

For the few users that need it, we've only allowed "WhatsApp Messenger-file transfer" and Any content.

Unfortunately, restricting the content type (Media and Images) did not work.

It must be because of the WhatsApp end-to-end encryption, the firewall cannot distinguish between the file types.

Hope that helps.

0 Kudos
PhoneBoy
Admin
Admin

It may also depend on version/JHF level.
This would (likely) work better if you’re on a version that has SNI support.
See: https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events