SphereShield Proxy for Webex Demo
Introduction
In this article we will outline the steps to try out SphereShield for Webex using the Proxy approach, implementing TLS inspection.
The demo includes two separate features:
1- Message content inspection using DLP. Sensitive content is completely blocked from reaching the Cisco Cloud.
2- Blocking file upload, audio, video and screen-sharing using Ethical Wall. Operation is blocked before reaching the Cisco Cloud.
How to connect to the demo machines
Details of users, passwords and IP addresses will be provided upon request.
Demonstrating Messages DLP
Log in to the Admin Portal
You can see the preconfigured DLP policies here: https://ciscobastion.agatcloud.com/admin/dlprules
The page shows a list of DLP policies.
If you click on ‘Edit’ next to the policy you can see the option to block or monitor violations.
You can also see that it is possible to configure a risk level and apply policies to specific Groups.
Please do not make any changes.
There are 2 DLP policies enabled to mask the sensitive data:
1- Credit Card Number
2- The word “Catch22”
Test Case 1 - Block sensitive information in messages
Use Alice (Machine1) and send the following sentence to Bob:
Have you heard of the new project Catch22
See that the sensitive content is masked in real time before reaching the destination user. The content does not even reach the cloud.
You can also try some credit card numbers. Two sentences that contain credit card examples are given below:
Please find customer finance details 6703444444444449 let me know if more is needed.
The credit card number is 4035501000000008 please let me know when payment is due
Credit Card Numbers
6703 4444 4444 4449
4035 5010 0000 0008
See that a message also comes from the SphereShield Agent in the chat.
See that incidents are audited here - https://ciscobastion.agatcloud.com/admin/dlprulelogs
*Please note - the DLP Proxy will not block files in real time. In this demo, files are being blocked due to Ethical Wall Policies. See below.
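An added example, not SphereShield's own code, of the kind of masking rule Test Case 1 exercises. The page does not describe how the product detects card numbers, so the Luhn checksum, the regular expressions, the case-insensitive keyword match and the names luhn_valid and mask_message are all assumptions of this example.

```python
import re

# Candidate card numbers: 13-19 digits, optionally separated by a space or hyphen.
CARD_RE = re.compile(r"(?<!\d)\d(?:[ -]?\d){12,18}(?!\d)")
# Keyword rule; case-insensitive matching is an assumption of this example.
KEYWORD_RE = re.compile(r"catch22", re.IGNORECASE)


def luhn_valid(digits: str) -> bool:
    """Return True if the digit string passes the Luhn checksum."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:  # double every second digit, counting from the right
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0


def mask_message(text: str):
    """Mask policy matches; return (masked_text, names_of_rules_that_fired)."""
    hits = []

    def mask_card(match):
        digits = re.sub(r"\D", "", match.group())
        if not luhn_valid(digits):
            return match.group()  # fails the checksum: not treated as a card
        hits.append("Credit Card Number")
        return "*" * len(match.group())

    def mask_keyword(match):
        hits.append("Catch22")
        return "*" * len(match.group())

    masked = CARD_RE.sub(mask_card, text)
    masked = KEYWORD_RE.sub(mask_keyword, masked)
    return masked, hits


if __name__ == "__main__":
    # Test sentences taken from Test Case 1, plus one constructed non-card number.
    for msg in (
        "Have you heard of the new project Catch22",
        "Please find customer finance details 6703444444444449 let me know if more is needed.",
        "The credit card number is 4035 5010 0000 0008 please let me know",
        "Ticket 1234567890123456 is closed",  # constructed: fails Luhn, left as-is
    ):
        print(mask_message(msg))
```

The checksum step is what keeps arbitrary 16-digit identifiers, such as the constructed ticket number, from being masked as card numbers.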
Ethical Wall
SphereShield can also be used to create flexible policies to block communication internally and externally.
Navigate to the Ethical Wall Policy page here - https://ciscobastion.agatcloud.com/admin/federationpolicy
We have configured a policy called Default Internal Policy that blocks audio, video, screen sharing and file sharing between internal users.
** Please do NOT change any settings in the portal
Test Case 2 - Block file
Use Alice (Machine1) and send a file to Bob
Use file in File Explorer > Documents > CreditCard numbers.txt
See that the file is blocked in real time before reaching the destination user. The content does not even reach the cloud.
See that incidents are audited here - https://ciscobastion.agatcloud.com/admin/activityauditing
(Admin Messages have not been configured for Ethical Wall violations.)
Test Case 3 - Block Audio
Use Alice (Machine1) and try to call Bob
See that the call fails
You will see that Webex is still trying to call Bob - wait a few seconds until this fails too.
Now try to share your screen
See that it fails
And finally - try to start video
…and see that it fails.
See auditing of the above violations here: https://ciscobastion.agatcloud.com/admin/activityauditing