You would like to control all web traffic from a specific operating system (OS).
To control the traffic from specific operating systems, the ProxySG appliance must be able to detect it. This process depends on the client sending the request. Most browsers include OS in the user-agent field in the HTTP request header. For example:
GET / HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
User-Agent: Mozilla/5.0 (Windows NT 6.3; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Windows NT 6.3
The Platform token identifies the operating system and version. The example token indicates Windows 8.1.
To deny all requests from Windows 8.1:
Launch the Visual Policy Manager (VPM) from Configuration > Policy > Visual Policy Manager.
Create a new rule in a web access layer.
Set the source object as a new Request Header.
In the Set Request Header object, set the drop-down menu type to User-agent.
Enter Windows NT 6.3 in the regex field.
Set the action to Deny.
Once the above steps are complete, all web requests from Windows 8.1 workstations are denied, provided the HTTP header is viewable by the ProxySG appliance, and it contain Windows NT 6.3 in the
User-agent field of the request.
Note: This policy will stop most traffic from Windows 8.1 workstations, but any client application that obfuscates or does not send the user-agent string will not trigger the rule in this article.
This can give some unexpected results depending on the User-agents that your clients use as it depends entirely on the HTTP header to be filled in appropriately and also viewable.
Imported Document ID: 000024865
Subscribing will provide email updates when this Article is updated. Login is required.