I have updated our end point policy on the sophos admin center via the cloud.
I have blocked .exe files via policy, but it does not work. Users can still open .exe files downloaded from the internet. I have updated the software via the pc and pushed update from the cloud to end point(pc) but no good. Restarted few times, still the same.
I have verified that the website listed here is blocked: http://sophostest.com/malware/index.html.
Anyone got an idea as to why ?
The component at the endpoint doesn’t man-in-the-middle the traffic to ‘see’ the content so it does’t know it’s an exe in this case. It can still block/warn sites using the SNI of the SSL ‘client hello…