Application blocker is a security feature that allows Organization administrators to block specific ports and protocols from being accessed while connected to your organization’s private gateways. The feature uses deep packet inspection (DPI) to filter traffic.
For example, you can use application blocker to block specific messaging services like Snapchat or Viber and peer-to-peer file-sharing apps like Stealthnet or Thunder.
How to enable application blocker?
- Log in to the NordLayer Control Panel.
- Navigate to the Network section and click on Servers.
- Select a server from the available list, then click the Configure button next to the chosen server.
- From the dropdown menu, choose Application blocker.
- In the modal that appears, select the applications you want to block for users connected to this server.
What can you block with an application blocker?
NordLayer allows you to choose from up to 400 ports and protocols to inspect and block. Here are they, listed in alphabetical order:
| Category | Ports and Protocols |
|---|---|
| Adobe Connect | HTTP, HTTPS, RTMP, and RTMPS |
| AdTech | Ads Analytics Track |
| Adult Content | Adult Content |
| Amazon Services | Amazon Alexa |
| Apple Services | Apple TV Plus, iCloud (including Private Relay), iTunes, Push, Siri, Store |
| Authentication & Authorization | Diameter, Kerberos, RADIUS |
| Building Automation | KNXnet/IP |
| Content-hosting Service | Pastebin |
| Crypto | Cryptocurrencies, Mining, Financial Information eXchange, Nano, Zug |
| Cybersecurity Services | Avast, CyberSec, FortiClient, etc. |
| Database | ClickHouse |
| DevOps | RX, CORBA, ntopng, Open Collaboration Services API, Crashlytics, Syslog, Collectd, Zabbix, ZeroMQ |
| Distributed/Industrial Protocols | DNP3, DRDA, CIP, EtherNet/IP, Siemens S7, etc. |
| DNS Services | DHCP, DNS, mDNS, OpenDNS, DNSCrypt, DoH/DoT |
| Dynamic Host Configuration Protocol | DHCPv6 |
| Dynamic Link Exchange Protocol | DLEP (RFC 8175) |
| E-commerce | Alibaba, Amazon, eBay |
| EAQ Protocol | EAQ |
| Email Protocols | POP3/POPS, IMAP/IMAPS, SMTP/SMTPS, Lotus Notes Web Service, SMTPS |
| File Sharing | Dropbox, FTP, OneDrive, Rsync, TFTP, FLUTE (RFC 6726), Lustre, NFS, Usenet, Server Message Block |
| Free Online Encyclopedia | Wikipedia |
| Gaming | Steam, Epic Games, Riot Games, Nintendo, Xbox, PlayStation, League of Legends: Wild Rift, NetEase Games, Path of Exile, Call of Duty: Mobile, The Elder Scrolls Online, etc. |
| Google Services | Gmail, Drive, Meet, Maps, Waze, Googlecall, etc. |
| H.248 Media Gateway Control Protocol | Megaco |
| HLS (HTTP Live Streaming) | HLS |
| HTTP-related Protocols | HTTP/HTTP2, DoH/DoT, WebDAV, HTTP Proxy/Tunnel |
| Huawei Services | Huawei, Huawei Cloud |
| Infrastructure & Networking | AWS, Azure, Cloudflare, OpenFlow, TLS, DTLS, Meraki Cloud, NAT-PMP, ATG, Bidirectional Forwarding Detection, Border Gateway Protocol, CAPWAP, ISO/IEC 14908-4, CoAP, Ethernet Global Data, Exterior Gateway Protocol, GPRS Tunnelling Protocol, LLMNR, LISP, MQTT, Netflow, Network Time Protocol, OSPF, BACnet, PFCP, SCTP, ANSI C12.22, TRDP, VRRP, WHOIS-DAS, etc. |
| Internet Group Management Protocol | IGMP |
| IoT | TeslaServices, Xiaomi, RIPE Atlas, Ubiquity UBNT AirControl, etc. |
| IP Tunneling / VPN | IPsec, OpenVPN, WireGuard, PPTP, CiscoVPN, CactusVPN, NordVPN, Surfshark, Windscribe, Private Internet Access, ProtonVPN, TunnelBear, Tor, CactusVPN |
| IPv6 Transition Protocol | Teredo |
| IT Monitoring & Directory Services | Checkmk, Munin, LDAP |
| Java Remote Method Invocation | JRMI |
| Meeting & Calling Software | Fuze, Paltalk, Webex, Zoom, Adobe Connect |
| Messaging Protocols/Services | Slack, Telegram, WhatsApp, Viber, Signal, QQ, Line, Threads, Messenger, DingTalk |
| Microsoft Services | Outlook, Microsoft 365, Teams, Windows Update, Azure |
| Network Authentication | Kerberos, RADIUS |
| News & Email | Yahoo |
| News Services | Bloomberg, CNN, AFP, SAP |
| Ookla Speedtest Protocol | Ookla |
| OpenID-based Single Sign-on | UbuntuOne |
| Oracle Services | Oracle |
| P2P File Sharing | BitTorrent, Gnutella, eDonkey, Syncthing, etc. |
| Ping/Echo Requests | ICMP (v4 & v6) |
| Printer Protocol | BJNP |
| QUIC | QUIC (UDP-based) |
| Real-Time & Streaming Protocols | RTSP, RTMP, RTP, RTCP, MPEG-TS |
| Relational Databases | MySQL, PostgreSQL, MSSQL, DRDA, Oracle, etc. |
| Remote Access | RDP, VNC, SSH, Telnet, TeamViewer, XDMCP, etc. |
| Routing | LDP |
| SaaS CRM | Salesforce |
| Search Engines | Naver |
| Service Discovery Protocols | SSDP, SLP |
| Simple Network Management | SNMP |
| Social Media & Chat | Facebook, Instagram, Twitter, TikTok, Reddit, Discord, Messenger, Bluesky Social, Mastodon, etc. |
| SOCKS Protocol | SOCKS4/5 |
| Software Development & DevOps | Git, GitHub, Kafka, MongoDB, Thrift, etc. |
| Streaming Services | Netflix, Hulu, YouTube, Spotify, Twitch, Disney+, iQiyi, HLS, Sonos, etc. |
| VoIP Protocols | SIP, H.323, Skype, Mumble, TeamSpeak, Viber VoIP, GoTo, DingTalk, etc. |
| VPN Services | Private Internet Access, ProtonVPN, TunnelBear, Tor, CactusVPN, NordVPN, Surfshark, Windscribe, etc. |
| Weather Services | AccuWeather |
| WebSockets | WebSocket |
| Wire Protocols | OpenWire |
| Yandex Services | Yandex Cloud, Disk, Metrika, Mail, etc. |
| ZeroMQ | ZeroMQ |
Note: In case you have any questions or are experiencing any issues, please feel free to contact our 24/7 customer support team.