Jan 01 2023 09:57 AM
Hi guys, our organization uses defender for business.
Web content filter rule can be by-pass using a VPN (E.g Psiphon VPN or another VPN). So, we tried to block the VPN app via Defender for Endpoint portal using "Settings>Endpoints>indicators>Certificates. Unfortunately, the blocking can be bypassed again if we click "Allow" in the client machine's Defender, so the Psiphon VPN (portable version) is working properly.
Jan 01 2023 11:18 AM - edited Jan 02 2023 04:26 AM
Certificates will keep changing so using that to block the installation will not really help. How is the VPN application being installed? Do users have local admin rights?
Jan 01 2023 10:16 PM - edited Jan 01 2023 10:17 PM
Thank you for your reply.
VPN App is portable type.
Yes, have local admin right.
VPN bypassed Web content filtering policy so Web content filtering is useless. Please advise me the best way how to block vpn app execution.
Jan 02 2023 04:29 AM
Jan 02 2023 04:32 AM
Jan 02 2023 04:50 AM