How to Configure “Allowed Secure Web domains” in Secure Mail

On Android MDX policy settings on Secure mail:

1. Add {package=com.android.chrome} under Restricted Open-In exception list

( the package ID is for Chrome browser)


2. Add the DNS suffix of the internal site under Allowed Secure Web domains

3. For any other third party browser, use the below formatting accordingly

{package=<packageID of the browser>}


On iOS MDX Policy settings on Secure Mail:

1. add +^safari: under Allowed URLs

2. add ,safari: under App URL schemes

3. Add the DNS suffix of the internal site under Allowed Secure Web domains

Note: On Android end users would be prompted to select native browser(Chrome) or Secure Web due to OS limitation. However on iOS, user will be automatically redirected to designated browser.

Related:

  • No Related Posts

The feature “Allowed Secure Web domains” in the Secure Mail MDX Policy doesn’t work as expected

On Android MDX policy settings on Secure mail:

1. Add {package=com.android.chrome} under Restricted Open-In exception list

( the package ID is for Chrome browser)


2. Add the DNS suffix of the internal site under Allowed Secure Web domains

3. For any other third party browser, use the below formatting accordingly

{package=<packageID of the browser>}


On iOS MDX Policy settings on Secure Mail:

1. add +^safari: under Allowed URLs

2. add ,safari: under App URL schemes

3. Add the DNS suffix of the internal site under Allowed Secure Web domains

Note: On Android end users would be prompted to select native browser(Chrome) or Secure Web due to OS limitation. However on iOS, user will be automatically redirected to designated browser.

Related:

  • No Related Posts

SEP ver 14.0.2349.0100 doesn’t connect to SEPM on MacOS High Sierra?

I need a solution

I don’t have many High Sierra machines so I haven’t noticed.  I was checking my Symantec management server and I don’t see the High Sierra machines there, but they do have SEP installed and that can pull updates.

High Sierra doesn’t work with ver 14.0.2349.0100 in terms of connecting to SEPM?

(I’ve tried Chrome and Internet Explorer…. If I choose Endpoint Management and then try to use the next dropdown box, nothing shows up in the dropdown box.  I can’t use it.  So I’m posting anywhere I guess….)

0

Related:

  • No Related Posts

Error: “You have not chosen to trust…” When Launching Applications Using Citrix Receiver Through NetScaler Gateway

Important! This article is intended for use by System Administrators. If you are experiencing this issue and you are not a System Administrator, contact your organization’s Help Desk for assistance and refer them to this article.

This issue may be caused by an out-of-date intermediate certificate installed at NetScaler Gateway. This does not mean that the CA certificates currently being used is expired but the CA has since released newer versions of that certificate.

Verify the certificate bindings at the NetScaler Gateway to resolve this issue.

To confirm this, visit the NetScaler Gateway website using a web browser, and examine the certificate chain in the web browser. You may wish to cross-check this by repeating with more than one web browser (such as with Google Chrome and Mozilla Firefox). Then, compare all the certificates in the browser’s certificate chain with the certificate chain at NetScaler Gateway.

User-added image

Note: Compare all the serial numbers in the certificates and not just the Subject Name. If there are any mismatches in intermediate certificates, this is a possible cause.

Update NetScaler Gateway with the corresponding intermediate certificates, as they appear in the web browser. You can export the intermediate certificates from the web browser. If you used more than one web browser, it is possible that they yield different certificate chains. If so, use the newer certificate chain.

For more information about installing and linking an intermediate certificate with Primary CA on a NetScaler Gateway appliance, refer to CTX114146.

Related:

  • No Related Posts

Time once again to disable Flash Player on your browser as new zero-day exploit pops up

Adobe has warned that a new zero-day vulnerability is currently being exploited in the wild, with a patch not yet available to address the issue.

The vulnerability is apparently being used by North Korean operatives against South Korean researchers in “limited, targeted attacks against Windows users”, but we assume it will not be long before it spreads more widely.

The malware can be delivered by web pages, but also by email or in Office documents.

Simon Choi, director of the Next Generation Security Research Center at Seoul-based computer software company Hauri, Inc. – also affiliated with South Korea’s Cyber Warfare Intelligence Center (CWIC) suggests worried users remove the Flash player, keeps their antivirus up to date and avoid suspicious emails. The vulnerability affects Edge and Chrome, and using Firefox also offers some protection.

The following products are affected: versions 28.0.0.137 and earlier of Adobe Flash Player Desktop Runtime (Windows and Mac), Adobe Flash Player for Google Chrome (Windows, Macintosh, Linux and Chrome OS), Adobe Flash Player for Microsoft Edge and Internet Explorer 11 (Windows 10 and 8.1), and Adobe Flash Player Desktop Runtime (Linux).

Adobe is working on a patch to roll out shortly.

Read the advisory at Adobe here.

Via SCMagazine.com

Related:

  • No Related Posts

Attackers exploiting critical Adobe Flash Player zero-day bug; no patch until next week

patch flaw vulnerability
patch flaw vulnerability

Adobe Systems says it plans to address a critical zero-day vulnerability in Flash Player that a researcher asserts is being actively exploited in the wild to attack South Koreans conducting research on North Korea.

A Feb. 1 advisory from Adobe warns that the flaw, CVE-2018-4878, can be leveraged by attackers to take control of an affected system and is being used in “limited, targeted attacks against Windows users.”

Kr-CERT/CC, South Korea’s national computer emergency response team, issued a security bulletin on Wednesday, Jan. 31, stating that attackers can exploit the flaw by embedding malicious Flash content in spam, emailed Microsoft Office documents, or web pages.

Simon Choi, director of the Next Generation Security Research Center at Seoul-based computer software company Hauri, Inc. – also affiliated with South Korea’s Cyber Warfare Intelligence Center (CWIC) – tweeted that the zero-day bug was first exploited by North Korea in mid-November 2017, in order to target “South Koreans who mainly do research on North Korea.”

Until a patch is distributed, Kr-CERT recommends that users remove Flash Player, avoid opening suspicious emails, and keep anti-virus programs updated. Alternatively, users may be able to limit the potential for damage by using Firefox as their browser.

Adobe warns the following products are affected: versions 28.0.0.137 and earlier of Adobe Flash Player Desktop Runtime (Windows and Mac), Adobe Flash Player for Google Chrome (Windows, Macintosh, Linux and Chrome OS), Adobe Flash Player for Microsoft Edge and Internet Explorer 11 (Windows 10 and 8.1), and Adobe Flash Player Desktop Runtime (Linux).

Related:

  • No Related Posts

ProxySG – Chrome Download behaviour

I need a solution

Hi All,

In ProxySG, We have configured the rule to block the exe based on the file extension and appreant data type. 

When user went to the google.com/chrome and click download option , they able to install the chrome sucessfully. 

Am wondering how it’s not blocked since it’s excutable fille. I took the policy capture where specific rule is neglected as “n/a”.

Rule :

Soucre              Destination               Action 

Any                   File Type                    Deny

Snippet from Policy Capture:

       <Proxy>
  miss:     category=All_Global_Denied_URL
   n/a:     condition=__CondList1Org_Global_Deny_CD

Thanks in Advance….

0

Related:

  • No Related Posts