Securly Filtering Global Proxy - iOS app problems.

AErwin
New Contributor III

We are using Securly content filtering on our district iPads. We use the Securly global proxy method. This year we have a bunch of apps that will not function with Securly installed. Securly's support so far has been to modify our PAC to not proxy the domains of the effected apps. That works, but I'm concerned because there seems to be a new app reported everyday that is not working. We didn't have these issues last year with Securly. I'm trying to get someone from Securly to speak to me on the phone to go over this issue, but I've had no luck so far. They seem to only want to work via email and for the most part, I just receive a canned email stating our PAC has been modified.

To me the issue seems to be related to SSL inspection. However, the Securly interface is pretty simplified and I don't have any control of inspection (that I know of).

Is anyone else who uses Securly experiencing this? Most of our devices are 10.2.3, some are 10.3.3.

6 REPLIES 6

AErwin
New Contributor III

Update. I'm still having issues - we've had three more apps this week stop working when Securly proxy is installed (Dreambox, Sumdog and IXL.) I finally found out who my account representative is and made contact. They are trying to help, but so far no results. For now, we just keep modifying the PAC file for non-proxy access to the apps's domains that are not working.

christina_luis
Contributor

We are currently experiencing issues with Securly and the apple mail app. It will not allow a full set up of the students email. We worked with JAMF to pinpoint that it was in face the Securly proxy causing the issues. Im trying to do some work around to see if we can get it working before our full deployment of iPads on Monday.

I am not sure about other apps as we have barley started school on Wednesday, but will update here if we continue to see issues. Thanks for the heads up!

frechr76
New Contributor

I'd be asking why Securly wants you to use the PAC

https://blog.securly.com/2015/05/18/ssl-decryption-without-pac-files/

I haven't talked to Securly myself, but one of our Sys Admins asked me to deploy a PAC recently, so of course I asked why and what it's needed for. "Securly isn't fully implemented at the district, and Securly said to deploy this to iPads to force it to use Securly...". Needless to say, I haven't deployed the PAC...

Have you set up a test environment with just one or a couple of iPads and installed just the Securly cert(without using any PACs) Same results?

AErwin
New Contributor III

frechr76,
We piloted securly last Jan at one school. Securly set us up to use a PAC file hosted by them. The impression I got from them was that the PAC method was standard operating procedure.

We don't use securly DNS - just global proxy. The goal being the iPads get filtered offsite and on. Is there a better method for that goal via Securly that I should know about?

Last semester, during our demo with around 650 iPads, I had almost no problems. Now it's daily.

frechr76
New Contributor

Yeah I think it would be best to keep hammering Securly to jump on a phone con with you. That is our goal as well, to filter district owned devices onsite and while they are at home.

For JAMF, I just deploy a config profile with the Securly cert, users are then directed to log in with their Google account to auth
aee33addf5114035b61e6eae473bf7b7

Cert can be downloaded from here at the bottom:
https://support.securly.com/hc/en-us/articles/212511418-Casper-JAMF-iOS-Configuration

Give it a whirl in your test environment!

AErwin
New Contributor III

I will, thanks!