You would like to allow users to access Gmail but block access to the URL chat category in SWG and also block the ability to use the chat functionality while logged in to Gmail.
In order to increase security, HTTPS is enabled by default to access Gmail (https://mail.google.com). The SSL-encrypted login also means that URLs accessed via this tunnel are hidden to SWG unless the HTTP/S proxy feature is used. The proxy feature is available on SWG 5.0.0.x or later.
To block Google Talk (Gtalk) but still enable Google Mail (Gmail) several steps need to be completed:
Make sure SWG has the HTTP/S proxy feature enabled and that the browsers accessing the web through this proxy.
Make sure SWG has been licensed for Content Filter.
Check which policy will be used to implement this or create a new one and make sure the client machines will match this policy when accessing the target URLs.
Make sure that Gmail under Application Control Categories is set to monitor or allow
Create a blacklist entry for the IP address that results of the command: nslookup talk.google.com
Configure the policy to block Chat under Content Filtering categories.
Within the same policy create the following exceptions:
chatenabled.mail.google.com set to block
mail.google.com set to monitor
ssl.gstatic.com set to block
talk.google.com set to block
www.gmail.com set to monitor
Open the browser and access https://mail.google.com. The site should be accessible and the Chat window should display the following message: "Unable to reach Gmail. Please check your internet connection or company's network settings".
Imported Document ID: TECH96895
Subscribing will provide email updates when this Article is updated. Login is required.