Allow anydesk

Allow anydesk

Overview

For security reasons you blocked all the traffic to all users. But some of the users in your network need to access remote applications. Using SafeSquid you can allow specific users in your network to access remote applications.

How it works?

When user trying to access remote application, First SafeSquid checks for that user and decide whether this user is allowed to access remote application or not, if yes then SafeSquid gives access to that user, before giving the access it will check for user-agent. If the access allowed to both users and application, then only user can able to access that application. If the user Samidha wants access of xyz application, but she is trying to access abc application, SafeSquid will block to user Samidha.
Note:  Remote applications like Any desk and Ammy admin does not supporting SSO authentication.If SSO authentication is enabled you have to bypass it.
Remote applications like Remote desktop application, Download managersetc. (Anydesk and Teamviewer) should get automatically block if HTTPS inspection is enabled. No need to configure any policy for blocking purpose.

Access the SafeSquid interface

Go to configure page

Go to configure page to Allow anydesk

Go to Real time content security: HTTPS Inspection

Select HTTPS Inspection option in Real time content security section to Allow anydesk
Enabled Global section as true to allow anydeskBypass SSL inspection by editing policy in Inspection policy section
Select enabled as true of Bypass SSL Inspection policy to allow anydesk
Save Bypass SSL Inspection policy to allow anydesk

Go to Restriction Policies

Select Access profiles in Restriction policies section to allow anydesk
Default Restrict remote desktop application policies present in policies and profiles section

Edit one of clone policy in policies and profile section to allow anydesk
Edit and entry comment and request type in policy to allow anydeskSelect Bypass SSL Inspection in added profiles section to allow anydesk
Save Allow anydesk policySave configuration of policy to allow anydesk

Configuration on anydesk

Set proxy on anydesk application
If authentication is enabled you have to specify Username and Password on any desk application.
Anydesk should not take auto proxy settings: If you set proxy in IE browser or chrome browser and you select "Try to detect the proxy server" option on anydesk, it should not take proxy automatically. You must have to configure proxy on anydesk application.
Any desk and ammy admin is not supporting SSO authentication.If SSO authentication is enabled you have to bypass it.
How to create policy without Application Signature
Remote applications are already categorized in the SafeSquid Application Signatures. First you need to check whether the Application is categorized or not 
If application is not categorized under default Application Signatures, find User-agent using SafeSquid's extended logs or any other traffic capturing tool.
Add that User-agent or websites into Request Types
Bind that created user group and Request Type in Access Profiles and decide whether to block or allow


    • Related Articles

    • Allow remote applications to particular users

      Overview For security reasons you blocked all the traffic to all users. But some of the users in your network need to access remote applications. Using SafeSquid you can allow specific users in your network to access remote applications How it works? ...
    • Allow specific website through SafeSquid

      Client Scenario Stark tech is having 200 employees. Stark tech distributes all 200 employees into different 'User Groups'. Now Stark tech blocked all the websites for defined 'User Group' say 'General Users' Stark tech challenges are: General users ...
    • How to allow specific website through category

      Client Scenario Stark tech is having 200 employees. Stark tech distributes all 200 employees into different 'User Groups'. Now Stark tech blocked all the websites for defined 'User Group' say 'General Users' Stark tech challenges are: General users ...
    • Allow Social Networking Sites during Lunch Hours

      Overview Most of network administrators are able to access and track anything employees do on their computer. Most of the employees waste their time on social network sites. This can damage not only employment status, but employee’s reputation also. ...
    • Allow Specific YouTube Channel and its Playlist

      Client Scenario Ganpat University provides graduate programs to various colleges. Ganpat University distributes internet to their students. Ganpat University want to block entire www.youtube.com for their students, but wants some of the YouTube ...