Forum Discussion
Block Psiphon VPN via Defender for Endpoint
Hi guys, our organization uses defender for business. Web content filter rule can be by-pass using a VPN (E.g Psiphon VPN or another VPN). So, we tried to block the VPN app via Defender for Endpoint...
Certificates will keep changing so using that to block the installation will not really help. How is the VPN application being installed? Do users have local admin rights?
Thank you for your reply.
VPN App is portable type.
Yes, have local admin right.
VPN bypassed Web content filtering policy so Web content filtering is useless. Please advise me the best way how to block vpn app execution.
- Then I will suggest to set the users with standard permissions so that they can’t install any VPN software themselves. Set restrictions against browser extensions for the same. You won’t be able to address this using MDE policies.
- Thanks for your suggestion. You mean we don't have to configure any policy in MDE right?
- Nothing directly relevant that can work dynamically. You can possibly block the installer exe or like you did using the cert, but these are not sustainable options in my opinion.