X-VPN Chrome extension

[Marlon Yu]

Just sharing … I noticed that several students coming to us for help (for various reasons) have the X-VPN Chrome extension installed. Suspicious, I decided to dig into it.

 

Turns out, if you have a higher priority rule in your Fortigate that allows access to “Microsoft-Web” (isdb), the Chrome browser extension for X-VPN will be allowed to go through (to some-random-characters.360tls.com) despite you having an application filter to disallow X-VPN. Disabling that rule (or in our case, excluding BYOD devices since we only have it for Intune), allows the application filter to kick in and block it.

 

Marlon

 

*** RANGITOTO COLLEGE EMAIL DISCLAIMER ***

The contents of this email and any attachments are confidential and may be legally privileged. If you are not the intended recipient please advise the sender immediately and delete the email and attachments. Any use, dissemination, reproduction or distribution of this email and any attachments by anyone other than the intended recipient is prohibited.

*** RANGITOTO COLLEGE EMAIL DISCLAIMER ***

[Blake Richardson]

I have worked with Fortinet support to get a fix for the App ( not chrome extension) not being blocked. It involved creating custom application signatures so if anybody would like them please contact me directly.