Ethical wall Blocked Teams and Blocked chat - how it works

Owned by Yoav Crombie
Last updated: Apr 18, 2022 by David Elkarat
2 min read

Background

Here is a basic Ethical Wall functionality in AGAT product

  1. Event is created by a user in MS Teams

  2. Event is inspected by Teams Protector or CasbAdapter

  3. Event is sent to Ethical Wall engine inspection

  4. Ethical Wall engine checks if this event violate one of policies configured in AdminPortal

  5. Ethical wall engine provide the result to Teams Protector\CasbAdapter (Allow\Block)

  6. Teams Protector\CasbAdapter perform the actual action on the event (Allow\Block)

All these 6 faces affect performance, mostly the EW inspection. To improve performance, AGAT components use some cache options to save the EW inspection.

 

Caching

One of our cache option is Blocked Rooms\blocked Teams, while Room refers to a chat between 2 specific users and all room has Room ID\Chat ID.

If Ethical Wall found a violation in a Room\Team it will save it as a blocked room\blocked team (tables in DB: ROOMS, MSTEAMS_TEAMS - State=Blocked). Next event in this room\teams - CasbAdapter will block according to the state of this room\team (TP doesn’t use blocked room\teams). The time this cache is valid can be configured in CasbAdapter config file (“P2PInspectionTimeExpiration”)

 

Unblock Room

If you want to unblock a room you can delete the room from the table or change its state to “Inspected”. If you want the traffic to be allowed imediately in this room you need also to clear EW cache between these 2 users and restart CasbAdapter.

New feature starting from portal version 5.6.13 - Reinspect room\team. This action will clear EW cache and the EW will reinspect if this room\team violates a policy (need also to restart CasbAdapter)

 

Support & Maintenance - Blocked Chats\Teams