Forum Discussion

PrakashRIndia's avatar
6 days ago

unable to block windows update

My network is getting choked as more than 2 TB download has happened in last 2 weeks. I want to block windows update so that the network is not choked due to auto windows update. I even created Internet Firewall Policy to block Application "windows update" and also added all domains/FQDN used for windows update but still the same is getting downloaded. Though I can see block action in most of the events but looks Cato has defined "Windows update" application under various categories like "Business Systems", "Software Updates", "General", "
Computers and Technology".

Please let me know how to block complete windows update for all so that there is no data downloaded for the same as already all my users are facing slowness in accessing any web URLs and looks this as of the reasons.

  • bizzle90's avatar
    bizzle90
    Icon for Cato Employee rankCato Employee

    Hi Prakash,

    Thank you for the question on the Cato Community Portal!

    I have to be honest but this is going to be quite difficult to understand your use case without further analysis and understanding of your Cato configuration regarding how you are identifying this high load of Windows Update traffic and how you have configured your rules to block this traffic.

    As I am from the support team, I would suggest to raise a support ticket with my team, so we can review your configuration and confirm that indeed traffic should be blocked as expected, and further understand why Windows Update traffic is still being allowed if not matching your block rule

    What I can suggest as a workaround in the meantime is ensuring that you disable Windows Updates on your machines (if feasible via a GPO from your AD or Azure AD configuration).

    To add further, I would check your INET Firewall stack configuration as it works in a top - down order, please see this KB here regarding our best practices:

    https://support.catonetworks.com/hc/en-us/articles/360004274777-Internet-and-WAN-Firewall-Policies-Best-Practices