Anyway to determine if something is being blocked by firewall?

  • 1
  • Question
  • Updated 3 years ago
We are looking to deploy an IP firewall policy to block specific applications using the built-in Application Services. For example: Snapchat, Facebook, Tumblr, and Bittorrent. We are worried this may cause other things to become blocked unintentionally.

1. How accurate is Aerohive in determining these services?
2. Has anyone had a problem with this and it blocking unintended services?
3. How much of an impact does their deep packet inspection have on network speeds?
4. Is there anyway for the user to realize the services is being blocked rather than them sitting there trying to get it to load?

Any other thoughts/opinions about using Aerohive's IP firewall policies is greatly appreciated as I'm new to using this option.
Photo of Mike Peloquin

Mike Peloquin

  • 2 Posts
  • 0 Reply Likes

Posted 3 years ago

  • 1
Photo of David Coleman

David Coleman, Official Rep

  • 209 Posts
  • 164 Reply Likes

Answers to your questions:

1) We have functional signature files for 1200+ apps

2) Blocking is one strategy, but you might also instead consider rate-limiting certain applications to very slow speeds which effectively makes many applications ineffective

3) Packet inspection does not affect network speeds but does have somewhat of an impact on the AP processor. 

4) Not currently for the firewall. We do have any kind of HTML warning message for the much like you often see used in web content filtering solutions.