Web-Control Policy does not work

Hi Community,

I have just finished migrating clients from Sophos on-premise management to Sophos central; the license we use is Intercept X Advanced.

According to Sophos Central the Web-Control Policy I created is used for our domain-users. However the blocking just does not work.

Users are able to access, in this case adult websites without any hinderance.

There is no logging in Sophos Central about users accessing these websites although according to the policy those sites should be blocked and a log entry be made.

In Sophos Central and in the Sophos Agent on the respective clients everything lights up green.

I am startung to suspect that maybe other policies might be not working either

Where do I begin troubleshooting ?

Regards

Tobias

Parents
  • Hello Tobias,

    Thank you for reaching out to the Sophos Community. 

    I recommend checking from Sophos Central to see the user that is detected as "Logged in" on the affected device. Ensure that the user as shown is listed in the policy you've defined for Web Control. 

    Sophos Endpoint will create a User Entry based on the logged-in user, which can sometimes affect how policies get applied. 

    Another way you can find out is by using the following navigation. 
    - Open the "Devices" list
    - Select the device in question 
    - Navigate to the "Policies" tab under the device
    - Verify that the desired "Web Control" policy is shown here 

    This UI will change based on the resulting policies that are applied to the endpoint. 

    If you can confirm that the correct policy is being applied, but the endpoint does not block websites as expected, let me know by updating this thread, and I can request logs and or remote assistance to take a closer look. 

    Kushal Lakhan
    Global Community Support Engineer
    Are you a Sophos Partner? | Product Documentation | @SophosSupport | Sign up for SMS Alerts
    If a post solves your question, please use the "Verify Answer" button.
    The New Home of Sophos Support Videos!  Visit Sophos Techvids
  • Hello Kushal,

    I verified, that the user to whom the policy is bound is indeed logged on to that PC.

    Also, I verified, that the Web-Control policy I created is shown under Devices -> Polciies.

    Furthermore, I found, that a scheduled scan I set up on a user defined Threat Protection policy, I bound to a computer group where the client in question is a member of did not take place. However this policy is also shown under Devices -> Policy. Therefore, I assume that this policy is also not active on the client.

    Please let me no what furthor information you nedd to pin down this issue.

    Regards

    Tobias

Reply
  • Hello Kushal,

    I verified, that the user to whom the policy is bound is indeed logged on to that PC.

    Also, I verified, that the Web-Control policy I created is shown under Devices -> Polciies.

    Furthermore, I found, that a scheduled scan I set up on a user defined Threat Protection policy, I bound to a computer group where the client in question is a member of did not take place. However this policy is also shown under Devices -> Policy. Therefore, I assume that this policy is also not active on the client.

    Please let me no what furthor information you nedd to pin down this issue.

    Regards

    Tobias

Children