Flash applications can bypass the ProxySG appliance in an explicit deployment and go directly out via firewall on port 1935 (RTMP).
To prevent this occurrence, block the port on the firewall. After you block the port, however, Flash applications could try to go out via the appliance based on the computer/browser's configuration as RTMPT (RTMP tunneled) using http port (80) or 443.
Note: If RTMPT uses port 443 (not true SSL packets), the detect protocol feature would be able to detect this traffic and should fail the connection by default.
Use one of two methods to block the Flash streaming content. To determine which one to use, verify if the appliance has a Flash license:
In the Management Console, select Maintenance > Licensing > View > Licensed.
Look for a component named Flash Streaming. In this component does not exist, the appliance has no Flash license. To obtain a Flash license, contact your local sales representative.
Example of a Flash Streaming license:
Component name: Flash Streaming
Serial number: XXXXX-XXXXX
Product Description: SOFTWARE, Flash
Part Number: FLASH
Activation date: None
Expiration date: 2016-05-18
If your appliance has a Flash license
Deny Flash streaming content with the following policy:
If your appliance does not have a Flash license
Block Flash streaming content by user agent and/or content type and the HTTP method for streaming Flash. The following is an example: