How to Block Microsoft Windows updates using App Control Advanced
Description
How to Block Microsoft Windows updates using App Control Advanced
Resolution for SonicOS 7.X
This release includes significant user interface changes and many new features that are different from the SonicOS 6.5 and earlier firmware. The below resolution is for customers using SonicOS 7.X firmware.
Feature/Application:
Block Microsoft Windows Updates using Application Control Advanced
Procedure:
Login to the SonicWall Management GUI.
Navigate to Policy> Security services > Advanced Application Control.
Check the box under Enable App Control and click on the Accept button at the bottom to enable App Control.
Under Signatures tab,select APP-UPDATE under Category;
From the drop-down under Application, select Windows updates.
From the Drop-down under Viewed by ,select Signature
Click on Configure
In the App Control Signature window, select Enable under the Block and Log fields.
Click on OK to save
Make sure that the app control is enabled on the Zone (LAN/WLAN) where you want to apply.
How to Test:On any computer which is behind LAN(172.27.61.8), try to update windows and that should fail.
The following App Control messages will be logged under Monitor | Logs | System logs when it detects any PC trying to update windows.
Resolution for SonicOS 6.5
This release includes significant user interface changes and many new features that are different from the SonicOS 6.2 and earlier firmware. The below resolution is for customers using SonicOS 6.5 firmware.
Feature/Application:
Block Microsoft Windows Updates using Application Control Advanced
Procedure:
Login to the SonicWall Management GUI.
Navigate to Manage > Rules > Advanced Application Control.
Check the box under Enable App Control and click on the Accept button at the bottom to enable App Control.
Under Advanced Application Control > View Style select APP-UPDATE under Category;
From the drop-down under Application, select Microsoft Windows updates.
From the Drop-down under Viewed by ,select Signature
Click on Configure
In the App Control Signature window, select Enable under the Block and Log fields.
Click on OK to save
Make sure that the app control is enabled on the Zone (LAN/WLAN) where you want to apply.
How to Test:
On any computer which is behind LAN(172.27.61.8), try to update windows and that should fail.
The following App Control messages will be logged under Investigate > Event Logs when it detects any PC trying to update windows.
Resolution for SonicOS 6.2 and Below
The below resolution is for customers using SonicOS 6.2 and earlier firmware. For firewalls that are generation 6 and newer we suggest to upgrade to the latest general release of SonicOS 6.5 firmware.
Feature/Application:
Block Microsoft Windows Updates using Application Control Advanced
Procedure:
Login to the SonicWall Management GUI.
Navigate to the Firewall > App Control Advanced page. In Gen5 TZ devices this page is under Security Services > App Control
Check the box under Enable App Control and click on the Accept button at the top to enable App Control.
Under App Control Advanced > View Style select APP-UPDATE under Category;
From the drop-down under Application, select Microsoft Windows updates.
From the Drop-down under Viewed by ,select Signature
Click on Configure
In the App Control Signature window, select Enable under the Block and Log fields.
Click on OK to save
Make sure that the app control is enabled on the Zone (LAN) where you want to apply
How to Test:
On any computer which is behind LAN(172.27.61.8), try to update windows and that should fail.
The following App Control messages will be logged under Log > View when it detects any PC trying to update windows.
