I have a customer he is requesting if it is possible to allow to navigate to a Citrix websites but blocking the https files in upload allowing instead the downloads.
He created a DLP base policy and was working fine but when downloading he was getting a blocked file message even if the file in the end was successfully downloaded. In the base policy the messages settings of show message was not disabled, so I think that could be the issue.
Also when created a separate DLP policy(from the base policy) the rule was not working and I am not sure why.....So is it what he is trying to do something possible and that will work as he is asking ?
Apology for the incorrect link here is the full link of the KB that I wanted to share. https://support.sophos.com/support/s/article/KB-000035106?language=en_US
can you share a snapshot of the DLP…
Can you confirm if the endpoint computer is running via windows OS? If so? Kindly you may check if Secure boot is currently enabled on system bios.You may refer to this link, which will explain the issues for DLP and it's compatibility with Secure bot.
I cannot see the mentioned link you mentioned above.
the customer confirmed the machines are running on OS Windows 2016 virtual Machines on vSphere and that Secure Boot is disabled on all of their Virtual Machines.
can you share a snapshot of the DLP policy configuration?
Secure boot should be fine now as the SophosED.sys driver now injects detours DLL into processes rather using appinit which is the method that doesn't work with secure boot.