This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Block all web sites, allow a few URLs

Hello,

We are trialing this endpoint system. With our current platform I can set a deny all, but allow just Office 365 URL's to allow outlook/webmail only. Is this possible? I don't really see any options to set that up?

This thread was automatically locked due to age.

Parents

0 RichardP over 2 years ago

Hi Adrian,

In general, the Endpoint Web Control is more meant to prevent access to specific websites with a default allow. You could achieve this goal, but it would be cumbersome.

A better product for that sort of thing is the SFOS (Sophos Firewall) since it can sit at the demarc and can have more robust filtering options - such as acting as a web proxy. https://www.sophos.com/en-us/products/next-gen-firewall.aspx

RichardP

Program Manager, Support Readiness | CISSP | Sophos Technical Support
Support Videos | Product Documentation | @SophosSupport | Sign up for SMS Alerts
If a post solves your question use the 'Verify Answer' link.
Cancel
Vote Up 0 Vote Down

Cancel
0 Adrian Henderson over 2 years ago in reply to RichardP

Thanks. This is a simple check box in Kaspersky endpoint. We have an XG, but the procedures to do that is really involved, with user sync and logins, enable SSL inspection.certificate etc.
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 Adrian Henderson over 2 years ago in reply to RichardP

Thanks. This is a simple check box in Kaspersky endpoint. We have an XG, but the procedures to do that is really involved, with user sync and logins, enable SSL inspection.certificate etc.
Cancel
Vote Up 0 Vote Down

Cancel

Children

0 Wayne Folta over 2 years ago in reply to Adrian Henderson

You don't need to use all related XG features to do what you want, which I think lowers the complication factor a lot.

All you need to do is have one Firewall rule to drop all HTTP/HTTPS traffic destined for the WAN, and above it place a rule that allows HTTP/HTTPS traffic but only to the websites you want to allow. Have these two rules early in the Firewalls Rules so that HTTP/HTTPS traffic is dropped before other rules that might allow it due to other factors.

For the HTTP/HTTPS traffic that you allow, you should impost the appropriate CFS, IPS, and decryption conditions that make sense.
Cancel
Vote Up 0 Vote Down

Cancel
0 Adrian Henderson over 2 years ago in reply to Wayne Folta

Thanks. But it's not for everyone, just a few PC's so that does involve either restricting by the user log in or statically assigning/reserving an address etc. Comparably, I just wish there was a feature that could handle it along with blocking ZIP/Archives in the allowed downloads options with ease.
Cancel
Vote Up 0 Vote Down

Cancel
0 RichardP over 2 years ago in reply to Adrian Henderson

we are currently updating our Web Control offering. I will talk to the PM and dev team and see if we can include something like this or if the new offering will have an easier way of configuring it.

RichardP

Program Manager, Support Readiness | CISSP | Sophos Technical Support
Support Videos | Product Documentation | @SophosSupport | Sign up for SMS Alerts
If a post solves your question use the 'Verify Answer' link.
Cancel
Vote Up 0 Vote Down

Cancel
0 Adrian Henderson over 2 years ago in reply to RichardP

Thanks Richard. If you have their ear, can they add an option to block/warn/allow archive files like zips etc?

Also, I can't block downloads like exe's etc under the policy. It still allows them like downloading a driver exe from HP downloads and opens and runs :/. The web filtering on the policy is kind of working, I get an SSL error for blocled pages, but not a nice error that this page was blocked, and maybe company logo.
Cancel
Vote Up 0 Vote Down

Cancel